PT-2023-22476 · Unknown · Solarview Compact

Xiaosed

Publicado

2023-05-20

Atualizado

2025-06-03

CVE-2023-29919

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SolarView Compact versions 6.0 and earlier

Description The issue allows any file on the server to be read or modified due to insecure permissions. This is because the texteditor.php file is not restricted, leading to potential unauthorized access and modification of files.

Recommendations For SolarView Compact versions 6.0 and earlier, restrict access to the texteditor.php file to prevent unauthorized reading or modification of files on the server.

Exploit

Correção

Incorrect Default Permissions

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-276

Identificadores relacionados

CVE-2023-29919

Produtos afetados

Solarview Compact

PT-2023-22476 · Unknown · Solarview Compact

CVE-2023-29919

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8