CVE-2023-7041 | codelyfe Stupid Simple CMS up to 1.2.4 /file-manager/rename.php newName path traversal

Posted by Angelo Barbosa | Dec 21, 2023 | CVE

A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: ‘../filedir’.

This vulnerability is handled as CVE-2023-7041. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2023-7041 | codelyfe Stupid Simple CMS up to 1.2.4 /file-manager/rename.php newName path traversal

Related Posts

CVE-2024-34780 | Ivanti EPM 2024/up to 2022 SU5 sql injection

CVE-2024-39278 | Hughes Network Systems WL3000 Fusion Software prior 2.7.0.10 insufficiently protected credentials (icsa-24-249-01)

CVE-2023-6989 | Shield Security Plugin up to 18.5.9 on WordPress file inclusion

CVE-2024-37826 | vercot Serva 4.6.0 HTTP Request null pointer dereference