Description
A security flaw has been discovered in doramart DoraCMS 3.0.x. Impacted is the function createFileBypath of the file /DoraCMS/server/app/router/api/v1.js. Performing a manipulation results in path traversal. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-03-09
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Arbitrary File Creation via Path Traversal
Action: Apply Patch
AI Analysis

Impact

A flaw exists in the createFileBypath function of Doramart DoraCMS 3.0.x. The function accepts a file path from a HTTP request and writes a new file at that location. Manipulating the path can lead to traversal beyond the intended directory, allowing the creation or overwriting of files outside the web root. The vulnerability can be triggered remotely by sending a crafted request to the exposed API endpoint.

Affected Systems

The issue affects Doramart’s DoraCMS version 3.0.x. No other versions or variants are mentioned in the advisory.

Risk and Exploitability

The CVSS score of 5.3 denotes medium severity. The EPSS score of less than 1% indicates a very low probability of exploitation at present. The vulnerability is not listed in CISA's KEV catalog. The exploit has been publicly released, and the description specifically states that the attack can be initiated remotely; however, no authentication or privilege requirements are described in the CVE data.

Generated by OpenCVE AI on April 17, 2026 at 11:57 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any official vendor patch or upgrade to a version of DoraCMS that addresses the createFileBypath path traversal flaw.
  • If no patch is available, restrict or block the createFileBypath endpoint using firewall or application‑level rules to reject paths that contain traversal sequences or to limit access to trusted users only.
  • Monitor the file system for unexpected file creation or modification in the DoraCMS directories and configure alerts for such anomalies.

Generated by OpenCVE AI on April 17, 2026 at 11:57 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 10 Mar 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 10 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Html-js
Html-js doracms
CPEs cpe:2.3:a:html-js:doracms:-:*:*:*:*:*:*:*
Vendors & Products Html-js
Html-js doracms

Mon, 09 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Doramart
Doramart doracms
Vendors & Products Doramart
Doramart doracms

Mon, 09 Mar 2026 02:30:00 +0000

Type Values Removed Values Added
Description A security flaw has been discovered in doramart DoraCMS 3.0.x. Impacted is the function createFileBypath of the file /DoraCMS/server/app/router/api/v1.js. Performing a manipulation results in path traversal. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title doramart DoraCMS v1.js createFileBypath path traversal
Weaknesses CWE-22
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Doramart Doracms
Html-js Doracms
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-25T12:34:11.380Z

Reserved: 2026-03-08T07:31:59.585Z

Link: CVE-2026-3795

cve-icon Vulnrichment

Updated: 2026-03-10T20:21:15.318Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-09T03:15:49.490

Modified: 2026-03-10T18:49:35.163

Link: CVE-2026-3795

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T12:00:11Z

Weaknesses