CVE-2023-7040 | codelyfe Stupid Simple CMS up to 1.2.4 /file-manager/rename.php oldName path traversal

Posted by Angelo Barbosa | Dec 21, 2023 | CVE

A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: ‘../filedir’.

This vulnerability is known as CVE-2023-7040. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2023-7040 | codelyfe Stupid Simple CMS up to 1.2.4 /file-manager/rename.php oldName path traversal

Related Posts

CVE-2024-0718 | liuwy-dlsdys zhglxt 4.7.7 HTTP POST Request /oa/notify/edit notifyTitle cross site scripting

CVE-2024-23739 | Discord up to 0.0.291 on macOS Setting RunAsNode/enableNodeClilnspectArguments Privilege Escalation

CVE-2024-1056 | Funnel Kit Funnel Builder Pro Plugin up to 3.4.5 on WordPress allow_iframe_tag_in_post cross site scripting

CVE-2024-1436 | Wiloke WooCommerce Coupon Popup, SmartBar, Slide In Plugin information disclosure