CVE-2023-3241
3.5
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/read.php?mudi=announContent. The manipulation of the argument url leads to path traversal. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231512.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | OTCMS | 6.0 | affected |
| n/a | OTCMS | 6.1 | affected |
| n/a | OTCMS | 6.2 | affected |
| n/a | OTCMS | 6.3 | affected |
| n/a | OTCMS | 6.4 | affected |
| n/a | OTCMS | 6.5 | affected |
| n/a | OTCMS | 6.6 | affected |
| n/a | OTCMS | 6.7 | affected |
| n/a | OTCMS | 6.8 | affected |
| n/a | OTCMS | 6.9 | affected |
| n/a | OTCMS | 6.10 | affected |
| n/a | OTCMS | 6.11 | affected |
| n/a | OTCMS | 6.12 | affected |
| n/a | OTCMS | 6.13 | affected |
| n/a | OTCMS | 6.14 | affected |
| n/a | OTCMS | 6.15 | affected |
| n/a | OTCMS | 6.16 | affected |
| n/a | OTCMS | 6.17 | affected |
| n/a | OTCMS | 6.18 | affected |
| n/a | OTCMS | 6.19 | affected |
| n/a | OTCMS | 6.20 | affected |
| n/a | OTCMS | 6.21 | affected |
| n/a | OTCMS | 6.22 | affected |
| n/a | OTCMS | 6.23 | affected |
| n/a | OTCMS | 6.24 | affected |
| n/a | OTCMS | 6.25 | affected |
| n/a | OTCMS | 6.26 | affected |
| n/a | OTCMS | 6.27 | affected |
| n/a | OTCMS | 6.28 | affected |
| n/a | OTCMS | 6.29 | affected |
| n/a | OTCMS | 6.30 | affected |
| n/a | OTCMS | 6.31 | affected |
| n/a | OTCMS | 6.32 | affected |
| n/a | OTCMS | 6.33 | affected |
| n/a | OTCMS | 6.34 | affected |
| n/a | OTCMS | 6.35 | affected |
| n/a | OTCMS | 6.36 | affected |
| n/a | OTCMS | 6.37 | affected |
| n/a | OTCMS | 6.38 | affected |
| n/a | OTCMS | 6.39 | affected |
| n/a | OTCMS | 6.40 | affected |
| n/a | OTCMS | 6.41 | affected |
| n/a | OTCMS | 6.42 | affected |
| n/a | OTCMS | 6.43 | affected |
| n/a | OTCMS | 6.44 | affected |
| n/a | OTCMS | 6.45 | affected |
| n/a | OTCMS | 6.46 | affected |
| n/a | OTCMS | 6.47 | affected |
| n/a | OTCMS | 6.48 | affected |
| n/a | OTCMS | 6.49 | affected |
| n/a | OTCMS | 6.50 | affected |
| n/a | OTCMS | 6.51 | affected |
| n/a | OTCMS | 6.52 | affected |
| n/a | OTCMS | 6.53 | affected |
| n/a | OTCMS | 6.54 | affected |
| n/a | OTCMS | 6.55 | affected |
| n/a | OTCMS | 6.56 | affected |
| n/a | OTCMS | 6.57 | affected |
| n/a | OTCMS | 6.58 | affected |
| n/a | OTCMS | 6.59 | affected |
| n/a | OTCMS | 6.60 | affected |
| n/a | OTCMS | 6.61 | affected |
| n/a | OTCMS | 6.62 | affected |
Weaknesses
- CWE-22: CWE-22 Path Traversal
ADP Enrichment
CVE Program Container
Additional References
- https://vuldb.com/?id.231512
- https://vuldb.com/?ctiid.231512
- https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20to%20contain%20an%20arbitrary%20file%20read%20vulenrability%20via%20the%20filename.md
References
- https://vuldb.com/?id.231512
- https://vuldb.com/?ctiid.231512
- https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20to%20contain%20an%20arbitrary%20file%20read%20vulenrability%20via%20the%20filename.md
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.