CVE-2023-1002

Name of the Vulnerable Software and Affected Versions MuYuCMS version 2.2

Description A problematic issue has been found in the processing of the file index.php, where the manipulation of the file path argument leads to path traversal. The attack can be initiated remotely.

Recommendations For MuYuCMS version 2.2, as a temporary workaround, consider restricting access to the index.php file until a patch is available. Avoid using the file path argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.