CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-34880

cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php. This vulnerability allows attackers to execute arbitrary code and perform a local file inclusion.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.4%

CVSS Severity

CVSS v3 Score 9.8

References

https://blog.pumpk1n.com/2023/06/06/cmseasy-v7-7-7-7-20230520-path-traversal/
https://blog.pumpk1n.com/2023/06/06/cmseasy-v7-7-7-7-20230520-path-traversal/

Products affected by CVE-2023-34880

Cmseasy » Cmseasy » Version: 7.7.7.7

cpe:2.3:a:cmseasy:cmseasy:7.7.7.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-34880

Products

Pricing

Contact Us