An arbitrary file read vulnerability in DamiCMS v6.0.0 allows remote authenticated administrators to read any files in the server via a crafted /admin.php?s=Tpl/Add/id/ URI.
References
Link | Resource |
---|---|
https://gist.github.com/feric/98180bad0a73716e143ff8dc03fda12f | Exploit Third Party Advisory |
https://gist.github.com/feric/98180bad0a73716e143ff8dc03fda12f | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 03:49
Type | Values Removed | Values Added |
---|---|---|
References | () https://gist.github.com/feric/98180bad0a73716e143ff8dc03fda12f - Exploit, Third Party Advisory |
Information
Published : 2019-07-10 15:15
Updated : 2024-11-21 03:49
NVD link : CVE-2018-14831
Mitre link : CVE-2018-14831
CVE.ORG link : CVE-2018-14831
JSON object : View
Products Affected
damicms
- damicms
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor