PT-2023-25038 · Ujcms · Ujcms
Sma11New
·
Published
2023-06-14
·
Updated
2025-01-03
·
CVE-2023-34865
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ujcms version 6.0.2
Description
The issue allows attackers to perform directory traversal, enabling them to move files using the rename feature.
Recommendations
For ujcms version 6.0.2, consider restricting the rename feature to prevent file movement until a patch is available.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ujcms