A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic. Affected is an unknown function of the file /admin-cp/theme/editor/default of the component Theme Editor. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273696. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
History

Mon, 12 Aug 2024 16:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:juzaweb:cms:*:*:*:*:*:*:*:*

Tue, 06 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:juzaweb:cms:-:*:*:*:*:*:*:* cpe:2.3:a:juzaweb:cms:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:juzaweb:cms:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:juzaweb:cms:3.4.2:*:*:*:*:*:*:*

Tue, 06 Aug 2024 13:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:juzaweb:cms:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:juzaweb:cms:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:juzaweb:cms:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:juzaweb:cms:-:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-08-06T12:31:04.358Z

Updated: 2024-08-06T13:20:08.825Z

Reserved: 2024-08-06T06:41:18.391Z

Link: CVE-2024-7551

cve-icon Vulnrichment

Updated: 2024-08-06T13:06:37.335Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-06T13:15:57.850

Modified: 2024-08-12T16:12:12.377

Link: CVE-2024-7551

cve-icon Redhat

No data.