2 matches found
CVE-2022-37191
The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using function parameter value as LFI payload...
CVE-2022-37191
CVE-2022-37191 affects CuppaCMS v1.0. The vulnerability is an authenticated Local File Inclusion in the cuppa/api/index.php component triggered by crafting a POST request whose function parameter is used as LFI payload, enabling an attacker with valid credentials to read system files. The Nuclei ...