Vulnerability Details CVE-2023-53907
Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup Plugin that allows logged-in users to access arbitrary files. Attackers can exploit the plugin's download functionality by manipulating file path parameters to read sensitive system files through directory traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2023-53907
-
cpe:2.3:a:bludit:bludit:0.1
-
cpe:2.3:a:bludit:bludit:0.2
-
cpe:2.3:a:bludit:bludit:0.4
-
cpe:2.3:a:bludit:bludit:0.5
-
cpe:2.3:a:bludit:bludit:0.6
-
cpe:2.3:a:bludit:bludit:0.6.1
-
cpe:2.3:a:bludit:bludit:0.6.2
-
cpe:2.3:a:bludit:bludit:0.7
-
cpe:2.3:a:bludit:bludit:0.7.1
-
cpe:2.3:a:bludit:bludit:0.7.2
-
cpe:2.3:a:bludit:bludit:1.0
-
cpe:2.3:a:bludit:bludit:1.0.1
-
cpe:2.3:a:bludit:bludit:1.1.2
-
cpe:2.3:a:bludit:bludit:1.3
-
cpe:2.3:a:bludit:bludit:1.4
-
cpe:2.3:a:bludit:bludit:1.5
-
cpe:2.3:a:bludit:bludit:1.5.1
-
cpe:2.3:a:bludit:bludit:1.5.2
-
cpe:2.3:a:bludit:bludit:1.6
-
cpe:2.3:a:bludit:bludit:1.6.1
-
cpe:2.3:a:bludit:bludit:1.6.2
-
cpe:2.3:a:bludit:bludit:2.0
-
cpe:2.3:a:bludit:bludit:2.0.1
-
cpe:2.3:a:bludit:bludit:2.0.2
-
cpe:2.3:a:bludit:bludit:2.1
-
cpe:2.3:a:bludit:bludit:2.1.1
-
cpe:2.3:a:bludit:bludit:2.2
-
cpe:2.3:a:bludit:bludit:2.2.1
-
cpe:2.3:a:bludit:bludit:2.3
-
cpe:2.3:a:bludit:bludit:2.3.1
-
cpe:2.3:a:bludit:bludit:2.3.2
-
cpe:2.3:a:bludit:bludit:2.3.3
-
cpe:2.3:a:bludit:bludit:2.3.4
-
cpe:2.3:a:bludit:bludit:3.0.0
-
cpe:2.3:a:bludit:bludit:3.1.0
-
cpe:2.3:a:bludit:bludit:3.10.0
-
cpe:2.3:a:bludit:bludit:3.11.0
-
cpe:2.3:a:bludit:bludit:3.12.0
-
cpe:2.3:a:bludit:bludit:3.13.0
-
cpe:2.3:a:bludit:bludit:3.2.0
-
cpe:2.3:a:bludit:bludit:3.3.0
-
cpe:2.3:a:bludit:bludit:3.4.0
-
cpe:2.3:a:bludit:bludit:3.5.0
-
cpe:2.3:a:bludit:bludit:3.8.1
-
cpe:2.3:a:bludit:bludit:3.9.0
-
cpe:2.3:a:bludit:bludit:3.9.1
-
cpe:2.3:a:bludit:bludit:3.9.2