CVE-2023-1191

A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222363.
References
Link Resource
https://github.com/ha1yuYiqiyinHangzhouTechn0logy/fastcms/blob/main/README.md Exploit Third Party Advisory
https://github.com/my-fastcms/fastcms/issues/1 Exploit Issue Tracking Vendor Advisory
https://vuldb.com/?ctiid.222363 Permissions Required Third Party Advisory
https://vuldb.com/?id.222363 Third Party Advisory
https://github.com/ha1yuYiqiyinHangzhouTechn0logy/fastcms/blob/main/README.md Exploit Third Party Advisory
https://github.com/my-fastcms/fastcms/issues/1 Exploit Issue Tracking Vendor Advisory
https://vuldb.com/?ctiid.222363 Permissions Required Third Party Advisory
https://vuldb.com/?id.222363 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:xjd2020:fastcms:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:38

Type Values Removed Values Added
CVSS v2 : 5.8
v3 : 7.2
v2 : 5.8
v3 : 4.7
References () https://github.com/ha1yuYiqiyinHangzhouTechn0logy/fastcms/blob/main/README.md - Exploit, Third Party Advisory () https://github.com/ha1yuYiqiyinHangzhouTechn0logy/fastcms/blob/main/README.md - Exploit, Third Party Advisory
References () https://github.com/my-fastcms/fastcms/issues/1 - Exploit, Issue Tracking, Vendor Advisory () https://github.com/my-fastcms/fastcms/issues/1 - Exploit, Issue Tracking, Vendor Advisory
References () https://vuldb.com/?ctiid.222363 - Permissions Required, Third Party Advisory () https://vuldb.com/?ctiid.222363 - Permissions Required, Third Party Advisory
References () https://vuldb.com/?id.222363 - Third Party Advisory () https://vuldb.com/?id.222363 - Third Party Advisory

11 Mar 2023, 02:20

Type Values Removed Values Added
New CVE

Information

Published : 2023-03-06 08:15

Updated : 2024-11-21 07:38


NVD link : CVE-2023-1191

Mitre link : CVE-2023-1191

CVE.ORG link : CVE-2023-1191


JSON object : View

Products Affected

xjd2020

  • fastcms
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')