Lucene search
PRIOn knowledge basePRION:CVE-2023-29200HistoryApr 25, 2023 - 6:15 p.m.
Design/Logic Flaw
2023-04-2518:15:00
PRIOn knowledge base
www.prio-n.com
4
contao cms
security flaw
file manager
0.001 Low
EPSS
Percentile
45.7%
Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao 4.9.40, 4.13.21 or 5.1.4 to receive a patch. There are no known workarounds.
Related
veracode
veracode
Directory Traversal
2023-05-04 08:01:28
github
github
Path traversal vulnerability in the file manager
2023-04-26 16:05:02
osv
osv
Path traversal vulnerability in the file manager
2023-04-26 16:05:02
CVE-2023-29200
2023-04-25 18:15:09
cve
cve
CVE-2023-29200
2023-04-25 18:15:09
contao
contao
Directory traversal in the file manager
2023-04-25 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2023-29200
2023-04-25 18:15:09
friendsofphp
friendsofphp
Directory traversal vulnerability in the file manager
2023-04-25 09:11:00
Directory traversal vulnerability in the file manager
2023-04-25 09:11:00