PT-2024-35339 · Softpulse Infotech · Sp Blog Designer
João Pedro S Alcântara
·
Published
2024-11-28
·
Updated
2024-11-28
·
CVE-2024-52498
CVSS v3.1
7.5
High
| Vector | AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Softpulse Infotech SP Blog Designer versions 1.0.0 and earlier
Description
The issue is related to a Path Traversal vulnerability, specifically '.../...//' in Softpulse Infotech SP Blog Designer, allowing PHP Local File Inclusion.
Recommendations
For Softpulse Infotech SP Blog Designer versions 1.0.0 and earlier, consider restricting access to sensitive files and directories to minimize the risk of exploitation until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sp Blog Designer