CVE-2024-31551

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request...

CVE-2024-34314

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the filegetcontents function in the fetchaction method of /admin/templateadmin.php. This vulnerability allows attackers to read arbitrary files...

CVE-2024-34315

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the filegetcontents function in the fckeditaction method of /admin/templateadmin.php. This vulnerability allows attackers to read arbitrary files...

CVE-2024-34314

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the filegetcontents function in the fetchaction method of /admin/templateadmin.php. This vulnerability allows attackers to read arbitrary files...

CVE-2024-34315

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the filegetcontents function in the fckeditaction method of /admin/templateadmin.php. This vulnerability allows attackers to read arbitrary files...

CVE-2024-34315

CmsEasy v7.7.7.9 contains a local file inclusion vulnerability exposed via the file_get_contents call inside the fckedit_action method of /admin/template_admin.php. This allows an attacker to read arbitrary files on the server. The CVE CVE-2024-34315 is documented across NVD/Red Hat/CNVD and rela...

CmsEasy 安全漏洞

CmsEasy is a content management system CMS for creating responsive websites from China's Jiuzhou ET Technology CmsEasy. A security vulnerability exists in CmsEasy version v7.7.7.9. An attacker can exploit the vulnerability to read arbitrary files...

CVE-2024-34314

CmsEasy v7.7.7.9 contains a local file inclusion vulnerability exploitable through file_get_contents in the fetch_action() of /admin/template_admin.php, enabling reading arbitrary files. The issue is documented across multiple feeds (NVD, Red Hat, CVE databases). The available sources do not prov...

CVE-2024-31551

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request...

CVE-2024-31551

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request...

CVE-2024-31551

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request...

CVE-2024-25828

cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/templateadmin.php...

Arbitrary file deletion

cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/templateadmin.php...

CVE-2024-25828

cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/templateadmin.php...

CVE-2024-25828

CMSEasy v7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/template_admin.php. From the documents: vulnerable component is the file lib/admin/template_admin.php; impact is arbitrary file deletion with no confidentiality impact but potential integrity/availability effects; attack v...