CVE-2023-1680

Published: Mar 29, 2023Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A vulnerability, which was classified as problematic, has been found in Xunrui CMS 4.61. This issue affects some unknown processing of the file /dayrui/My/View/main.html. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224237 was assigned to this vulnerability.

Affected (1)

Products: Xunruicms: Xunruicms

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Xunruicms Xunruicms	Version 4.6.1

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

https://github.com/2714925725/CMS-bug/blob/main/Informationdisclosure-1.md

Source: cna@vuldb.com

ExploitThird Party Advisory

https://vuldb.com/?ctiid.224237

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.224237

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://github.com/2714925725/CMS-bug/blob/main/Informationdisclosure-1.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://vuldb.com/?ctiid.224237

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.224237

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

Timeline

No history available yet.