CVE-2024-9032

A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link Resource
https://vuldb.com/?ctiid.278202 Permissions Required
https://vuldb.com/?id.278202 Third Party Advisory
https://vuldb.com/?submit.410976 Third Party Advisory
https://www.shawroot.cc/2804.html Third Party Advisory
https://www.sourcecodester.com/ Exploit
Configurations

Configuration 1 (hide)

cpe:2.3:a:oretnom23:simple_forum\/discussion_system:1.0:*:*:*:*:wordpress:*:*

History

20 Sep 2024, 17:04

Type Values Removed Values Added
References () https://vuldb.com/?ctiid.278202 - () https://vuldb.com/?ctiid.278202 - Permissions Required
References () https://vuldb.com/?id.278202 - () https://vuldb.com/?id.278202 - Third Party Advisory
References () https://vuldb.com/?submit.410976 - () https://vuldb.com/?submit.410976 - Third Party Advisory
References () https://www.shawroot.cc/2804.html - () https://www.shawroot.cc/2804.html - Third Party Advisory
References () https://www.sourcecodester.com/ - () https://www.sourcecodester.com/ - Exploit
First Time Oretnom23 simple Forum\/discussion System
Oretnom23
CPE cpe:2.3:a:oretnom23:simple_forum\/discussion_system:1.0:*:*:*:*:wordpress:*:*
CVSS v2 : 6.5
v3 : 6.3
v2 : 6.5
v3 : 8.8

20 Sep 2024, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-20 13:15

Updated : 2024-09-20 17:04


NVD link : CVE-2024-9032

Mitre link : CVE-2024-9032

CVE.ORG link : CVE-2024-9032


JSON object : View

Products Affected

oretnom23

  • simple_forum\/discussion_system
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')