CVE-2022-25401

Published: Feb 24, 2022Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The copy function of the file manager in Cuppa CMS v1.0 allows any file to be copied to the current directory, granting attackers read access to arbitrary files.

Affected (1)

Products: Cuppacms: Cuppacms

Cuppacms

1 product

Cuppacms

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cuppacms Cuppacms	Version 1.0

References (2)

https://github.com/dota-st/Vulnerability/blob/master/CuppaCMS/CuppaCMS_second.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/dota-st/Vulnerability/blob/master/CuppaCMS/CuppaCMS_second.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.