A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument page leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
| Link | Resource |
|---|---|
| https://vuldb.com/?ctiid.278202 | Permissions Required |
| https://vuldb.com/?id.278202 | Third Party Advisory |
| https://vuldb.com/?submit.410976 | Third Party Advisory |
| https://www.shawroot.cc/2804.html | Third Party Advisory |
| https://www.sourcecodester.com/ | Exploit |
Configurations
Configuration 1 (hide)
|
History
20 Sep 2024, 17:04
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://vuldb.com/?ctiid.278202 - Permissions Required | |
| References | () https://vuldb.com/?id.278202 - Third Party Advisory | |
| References | () https://vuldb.com/?submit.410976 - Third Party Advisory | |
| References | () https://www.shawroot.cc/2804.html - Third Party Advisory | |
| References | () https://www.sourcecodester.com/ - Exploit | |
| First Time |
Oretnom23 simple Forum\/discussion System
Oretnom23 |
|
| CPE | cpe:2.3:a:oretnom23:simple_forum\/discussion_system:1.0:*:*:*:*:wordpress:*:* | |
| CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
20 Sep 2024, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-09-20 13:15
Updated : 2024-09-20 17:04
NVD link : CVE-2024-9032
Mitre link : CVE-2024-9032
CVE.ORG link : CVE-2024-9032
JSON object : View
Products Affected
oretnom23
- simple_forum\/discussion_system
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')