Description
AChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated Path Traversal. This occurs through readfile in PHP. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
No history.
Subscriptions
No data.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-02T02:51:11.576Z
Reserved: 2024-05-05T00:00:00.000Z
Link: CVE-2024-34523
Updated: 2024-08-02T02:51:11.576Z
Status : Deferred
Published: 2024-05-07T15:15:09.930
Modified: 2026-06-17T07:33:33.677
Link: CVE-2024-34523
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')