CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-34878

An issue was discovered in Ujcms v6.0.2 allows attackers to gain sensitive information via the dir parameter to /api/backend/core/web-file-html/download-zip.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.6%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/ujcms/ujcms/issues/6
https://github.com/ujcms/ujcms/issues/6

Products affected by CVE-2023-34878

Ujcms » Ujcms » Version: 6.0.2

cpe:2.3:a:ujcms:ujcms:6.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-34878

Products

Pricing

Contact Us