Publiccms · Publiccms · CVE-2018-12493
**Name of the Vulnerable Software and Affected Versions**
PublicCMS version 4.0.20180210
**Description**
PublicCMS allows directory traversal and arbitrary file read via the `/admin/cmsWebFile/list.html` API endpoint when the `path` parameter is set to `../`.
**Recommendations**
For PublicCMS version 4.0.20180210, as a temporary workaround, consider restricting access to the `/admin/cmsWebFile/list.html` API endpoint until a patch is available. Avoid using the `path` parameter with `../` in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
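While access to the endpoint is being restricted, existing web server logs can be checked for requests that match the description above. The following is an added example, not code from PublicCMS or from this advisory; it assumes combined-format access logs with the `path` parameter in the query string, and the log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

ENDPOINT = "/admin/cmsWebFile/list.html"  # endpoint named in the advisory
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def normalize(value, rounds=3):
    """Percent-decode repeatedly so encoded dot segments are compared in plain form."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")

def has_parent_segment(path_value):
    """True when any segment of the normalized value is '..'."""
    return ".." in normalize(path_value).split("/")

def flag_traversal(log_lines):
    """Return (line_number, path value) for requests to ENDPOINT whose `path` climbs upward."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parsable request line
        target = urlsplit(match.group(1))
        if normalize(target.path) != ENDPOINT:
            continue  # some other endpoint
        for value in parse_qs(target.query, keep_blank_values=True).get("path", []):
            if has_parent_segment(value):
                hits.append((number, value))
    return hits

# Constructed sample lines (combined log format), not taken from a real server.
SAMPLE_LOG = [
    '192.0.2.10 - admin [12/Jun/2018:10:01:02 +0000] "GET /admin/cmsWebFile/list.html?path=/resource/css HTTP/1.1" 200 5120',
    '192.0.2.44 - admin [12/Jun/2018:10:03:17 +0000] "GET /admin/cmsWebFile/list.html?path=../ HTTP/1.1" 200 8342',
    '192.0.2.44 - admin [12/Jun/2018:10:03:40 +0000] "GET /admin/cmsWebFile/list.html?path=%2e%2e%2f HTTP/1.1" 200 8342',
    '192.0.2.10 - admin [12/Jun/2018:10:05:00 +0000] "GET /admin/cmsTemplate/list.html?path=../ HTTP/1.1" 200 901',
]

if __name__ == "__main__":
    for number, value in flag_traversal(SAMPLE_LOG):
        print(f"line {number}: suspicious path parameter {value!r}")
```

Requests that send `path` in a POST body do not appear in standard access logs, so this check covers query-string requests only.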