CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-14831

An arbitrary file read vulnerability in DamiCMS v6.0.0 allows remote authenticated administrators to read any files in the server via a crafted /admin.php?s=Tpl/Add/id/ URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.3%

CVSS Severity

CVSS v3 Score 4.9

CVSS v2 Score 4.0

References

https://gist.github.com/feric/98180bad0a73716e143ff8dc03fda12f
https://gist.github.com/feric/98180bad0a73716e143ff8dc03fda12f

Products affected by CVE-2018-14831

Damicms » Damicms » Version: 6.0.0

cpe:2.3:a:damicms:damicms:6.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-14831

Products

Pricing

Contact Us