Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:24 a.m.12 views

CVE-2023-40028

Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can...

6.5CVSS6.6AI score0.57565EPSS
Exploits12References1
GithubExploit
GithubExploit
added 2025/04/14 4:14 p.m.193 views

Exploit for Path Traversal in Ghost

CVE-2023-40028 POC for CVE-2023-40028: Ghost CMS Arbitrary Fil...

6.5CVSS6.3AI score0.57565EPSS
Exploits12
Circl
Circl
added 2025/03/07 10:0 a.m.9 views

CVE-2023-40028

creationtimestamp| type| source ---|---|--- 2025-03-07 10:00:06+00:00| published-proof-of-concept| Telegram/DSUpJzd535KWvozjCvixS0aCLxmEfW4QzhCQOssRq3Zo9k 2025-04-12 15:00:15+00:00| seen| https://bsky.app/profile/0xdf.bsky.social/post/3lmmsdrpgls2z 2025-04-14 23:00:06+00:00|...

6.5CVSS6.5AI score0.57565EPSS
Exploits12References2
GithubExploit
GithubExploit
added 2025/03/07 12:48 a.m.624 views

Exploit for Path Traversal in Ghost

CVE-2023-40028: Ghost CMS Symlink Exploitation PoC Overv...

6.5CVSS6.3AI score0.57565EPSS
Exploits12
Packet Storm
Packet Storm
added 2025/03/04 12:0 a.m.228 views

Ghost CMS 5.59.1 Arbitrary File Read

Ghost CMS version 5.59.1 proof of concept arbitrary file reading exploit. ============================================================================================================================================= | Title : Ghost CMS v 5.59.1 PHP Code Injection Vulnerability | | Author :...

6.5CVSS7.1AI score0.57565EPSS
Exploits12
GithubExploit
GithubExploit
added 2025/01/20 10:1 p.m.694 views

Exploit for Path Traversal in Ghost

CVE-2023-40028: Ghost CMS Arbitrary File Read Description...

6.5CVSS6.5AI score0.57565EPSS
Exploits12
GithubExploit
GithubExploit
added 2024/12/28 9:17 p.m.747 views

Exploit for Path Traversal in Ghost

CVE-2023-40028 PoC Exploit Symlink Upload Vulnerability in Gho...

6.5CVSS6.3AI score0.57565EPSS
Exploits12
GithubExploit
GithubExploit
added 2024/12/13 11:42 a.m.747 views

Exploit for Path Traversal in Ghost

Proof of Concept PoC for CVE-2023-40028 CVE-2023-40028 is a...

6.5CVSS6.5AI score0.57565EPSS
Exploits12
GithubExploit
GithubExploit
added 2024/12/12 6:50 p.m.122 views

Exploit for Path Traversal in Ghost

Ghost Arbitrary File Read Exploit CVE-2023-40028 Over...

6.5CVSS7.5AI score0.57565EPSS
Exploits12
GithubExploit
GithubExploit
added 2024/03/23 3:25 p.m.766 views

Exploit for Path Traversal in Ghost

CVE-2023-40028 Proof of Concept This repository contains a pr...

6.5CVSS6.4AI score0.57565EPSS
Exploits12
vulnersOsv
vulnersOsv
added 2023/08/15 8:35 p.m.6 views

ghost-as-middleware (=1.0.0), ghost-blade (=0.1.0) +3 more potentially affected by CVE-2023-40028 via ghost (>=0.11.14 <=1.26.2)

ghost NPM version =0.11.14, =0.1.7, =0.1.10 - persistent-ghost =0.8.2 - sign-alex =1.0.1 Source cves: CVE-2023-40028 Source advisory: OSV:GHSA-9C9V-W225-V5RG...

6.5CVSS6.5AI score0.57565EPSS
Exploits12
Vulnrichment
Vulnrichment
added 2023/08/15 5:25 p.m.21 views

CVE-2023-40028 Arbitrary file read via symlinks in Ghost

Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site administrators can...

4.9CVSS6.6AI score0.57565EPSS
Exploits12References2
CVE
CVE
added 2023/08/15 5:25 p.m.282 views

CVE-2023-40028

CVE-2023-40028 affects Ghost CMS versions prior to 5.59.1. The issue arises in the file upload mechanism where authenticated users can upload symlinks, enabling arbitrary file reads on the host (e.g., reading sensitive files outside the Ghost content directory). The primary documented impact is i...

6.5CVSS5.5AI score0.57565EPSS
Exploits12References2Affected Software1
Rows per page
Query Builder