Lucene search
+L

5 matches found

NVD
NVD
added 2023/04/25 6:15 p.m.41 views

CVE-2023-29200

Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao...

6.5CVSS5AI score0.00797EPSS
Exploits0References3
CVE
CVE
added 2023/04/25 5:0 p.m.45 views

CVE-2023-29200

Summary: CVE-2023-29200 is a directory traversal vulnerability in Contao’s file manager (core-bundle). Prior to versions 4.9.40, 4.13.21, and 5.1.4, authenticated back-end users could trigger an Ajax request to list arbitrary files outside the document root. Some sources state that file contents ...

6.5CVSS5.3AI score0.00797EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/04/25 5:0 p.m.46 views

CVE-2023-29200 contao/core-bundle has path traversal vulnerability in the file manager

Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao...

4.3CVSS6.5AI score0.00797EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/04/25 5:0 p.m.8 views

CVE-2023-29200 contao/core-bundle has path traversal vulnerability in the file manager

Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao...

4.3CVSS6.4AI score0.00797EPSS
Exploits0References3
Contao
Contao
added 2023/04/25 12:0 a.m.21 views

Directory traversal in the file manager

Date : 2023-04-25 CVE ID : CVE-2023-29200 Authenticated users in the back end can list files outside the document root in the file manager. However, it is not possible to read the contents of these files. Thanks to Daniel Barros for reporting the problem. Affected versions Contao 4.0 Contao 4.1...

6.5CVSS5.1AI score0.00797EPSS
Exploits0Affected Software1
Rows per page
Query Builder