CVE-2024-34193

Name of the Vulnerable Software and Affected Versions smanga version 3.2.7

Description The issue is related to a path traversal vulnerability. It occurs because the file parameter at the "PHP/get file flow.php" interface is not properly filtered, allowing for arbitrary file reading.

Recommendations For smanga version 3.2.7, as a temporary workaround, consider restricting access to the "PHP/get file flow.php" interface until a patch is available. Avoid using the file parameter in this interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.