
11 matches found

Veracode
added 2026/03/23 6:27 a.m. | 3 views

Path Traversal

croogo/croogo is vulnerable to path traversal. The vulnerability is due to improper validation of the edit-file parameter, which allows an attacker to craft malicious file paths and read arbitrary files on the server...

6.5 CVSS | 5.9 AI score | 0.0002 EPSS
Exploits: 2 | References: 2 | Affected Software: 1
RedhatCVE
added 2025/12/27 12:5 a.m. | 4 views

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

6.5 CVSS | 6.9 AI score | 0.0002 EPSS
Exploits: 2 | References: 1
EUVD
added 2025/12/26 6:30 p.m. | 1 views

EUVD-2024-55362

Croogo CMS has a path traversal vulnerability...

7.5 CVSS | 6.4 AI score | 0.0002 EPSS
Exploits: 2 | References: 3
Snyk
added 2025/12/26 6:30 p.m. | 1 views

Directory Traversal

Overview: croogo/croogo is an Open Source CMS built for everyone. Affected versions of this package are vulnerable to Directory Traversal via the edit-file parameter. An attacker can access arbitrary files on the server by supplying a specially crafted path. Details: A Directory Traversal attack al...

7.1 CVSS | 7.6 AI score | 0.0002 EPSS
Exploits: 2 | References: 2
Github Security Blog
added 2025/12/26 6:30 p.m. | 5 views

Croogo CMS has a path traversal vulnerability

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

6.5 CVSS | 6.9 AI score | 0.0002 EPSS
Exploits: 2 | References: 4 | Affected Software: 1
OSV
added 2025/12/26 5:15 p.m. | 1 views

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

6.5 CVSS | 6.8 AI score | 0.0002 EPSS
Exploits: 2 | References: 2
NVD
added 2025/12/26 5:15 p.m. | 2 views

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

6.5 CVSS | 0.0002 EPSS
Exploits: 2 | References: 2
CVE
added 2025/12/26 12:0 a.m. | 5 views

CVE-2024-42718

CVE-2024-42718 affects Croogo CMS 4.0.7 and is a path-traversal vulnerability that allows remote attackers to read arbitrary files via a crafted value in the edit-file parameter. The issue is documented across multiple feeds (Red Hat, CIRCL, OSV, NVD, etc.) with the same description. The CVE entr...

6.5 CVSS | 6.5 AI score | 0.0002 EPSS
Exploits: 2 | References: 2 | Affected Software: 1
CNNVD
added 2025/12/26 12:0 a.m. | 1 views

Croogo security vulnerability

Croogo is an open-source content management system (CMS) from Croogo, built on the CakePHP framework. The system provides content types that can be customized as Blog, Node, and Page, content editing using a WYSIWYG editor, and other features. Croogo version 4.0.7 has a security vulnerability, th...

6.5 CVSS | 6.4 AI score | 0.0002 EPSS
Exploits: 2 | References: 3
Vulnrichment
added 2025/12/26 12:0 a.m. | 1 views

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter...

6.5 AI score | 0.0002 EPSS
Exploits: 2 | References: 2
Prion
added 2009/01/06 5:30 p.m. | 10 views

Directory traversal

Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the editfile parameter...

5.1 CVSS | 7.3 AI score | 0.0383 EPSS
Exploits: 0 | References: 3 | Affected Software: 1