4 matches found
CVE-2026-29597
DDSN Interactive cm3 Acora CMS version 10.7.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive configuration files by force browsing the “/Admin/filemanager/filedetails.asp” endpoint and manipulating the “file” parameter. By referencing specific...
CVE-2026-29597
DDSN Interactive cm3 Acora CMS version 10.7.1 contains an improper access control vulnerability. An editor-privileged user can access sensitive configuration files by force browsing the “/Admin/filemanager/filedetails.asp” endpoint and manipulating the “file” parameter. By referencing specific...
DDSN Interactive Acora CMS 安全漏洞
DDSN Interactive Acora CMS is an enterprise network and mobile CMS provided by DDSN Interactive. There is a security vulnerability in DDSN Interactive Acora CMS v10.7.1, which stems from improper access control at the filedetails.asp endpoint. This vulnerability could allow attackers with editor...
CVE-2026-29597
CVE-2026-29597 affects DDSN Interactive Acora CMS v10.7.1. An editor-privileged user can force-browse and manipulate the file parameter of /Admin/file_manager/file_details.asp to access sensitive configuration files (e.g., cm3.xml), leaking credentials (system administrator, SMTP, database) and o...