Vulnerability Details CVE-2022-25486
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.746
EPSS Ranking 98.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://github.com/CuppaCMS/CuppaCMS/issues/15
- https://github.com/CuppaCMS/CuppaCMS/issues/25
- https://github.com/hansmach1ne/MyExploits/tree/main/Multiple_LFIs_in_CuppaCMS_alerts
- https://github.com/CuppaCMS/CuppaCMS/issues/15
- https://github.com/CuppaCMS/CuppaCMS/issues/25
- https://github.com/hansmach1ne/MyExploits/tree/main/Multiple_LFIs_in_CuppaCMS_alerts