CVE-2020-24137

Directory traversal vulnerability in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an application via the path parameter to wex/cssjs.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:wcms:wcms:0.3.2:*:*:*:*:*:*:*

History

21 Nov 2024, 05:14

Type Values Removed Values Added
References () https://github.com/secwx/research/blob/main/cve/CVE-2020-24137.md - Third Party Advisory () https://github.com/secwx/research/blob/main/cve/CVE-2020-24137.md - Third Party Advisory
References () https://github.com/vedees/wcms/issues/7 - Third Party Advisory () https://github.com/vedees/wcms/issues/7 - Third Party Advisory

Information

Published : 2021-04-07 16:15

Updated : 2024-11-21 05:14


NVD link : CVE-2020-24137

Mitre link : CVE-2020-24137

CVE.ORG link : CVE-2020-24137


JSON object : View

Products Affected

wcms

  • wcms
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')