Skip to main content

Cmseasy CVE-2024-32162

MEDIUM
Incomplete Filtering of Special Elements (CWE-791)
2024-04-17 cve@mitre.org
4.3
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Apr 17, 2024 - 19:15 cve.org
MEDIUM 4.3

DescriptionCVE.org

CMSeasy 7.7.7.9 is vulnerable to Arbitrary file deletion.

AnalysisAI

CMSeasy 7.7.7.9 is vulnerable to Arbitrary file deletion. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-791. Affected products include: Cmseasy.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-0523 CRITICAL POC
9.8 Jan 14

A vulnerability was found in CmsEasy up to 7.7.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exp

CVE-2023-34880 CRITICAL POC
9.8 Jun 15

cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admi

CVE-2018-11679 HIGH POC
8.8 Jun 02

An issue was discovered in CmsEasy 6.1_20180508. Rated high severity (CVSS 8.8), this vulnerability is remotely exploita

CVE-2024-34315 HIGH POC
7.5 May 07

CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the

CVE-2024-32163 MEDIUM POC
6.4 Apr 17

CMSeasy 7.7.7.9 is vulnerable to code execution. Rated medium severity (CVSS 6.4). Public exploit code available and no

CVE-2019-8434 MEDIUM POC
6.1 Feb 18

In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter. Rated medium severity (CVSS 6.1), this vulnerabili

CVE-2019-8432 MEDIUM POC
6.1 Feb 18

In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter. Rated medium severity (CVSS 6.1), this vulnerability is

CVE-2025-1336 MEDIUM POC
5.3 Feb 16

A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Rated medium severity (CVSS 5.3), this

CVE-2025-1335 MEDIUM POC
5.3 Feb 16

A vulnerability, which was classified as problematic, was found in CmsEasy 7.7.7.9. Rated medium severity (CVSS 5.3), th

CVE-2025-1106 MEDIUM POC
5.3 Feb 07

A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. Rated medium severity (CVSS 5.3), this vulnera

CVE-2024-25828 MEDIUM POC
4.9 Feb 22

cmseasy V7.7.7.9 has an arbitrary file deletion vulnerability in lib/admin/template_admin.php. Rated medium severity (CV

CVE-2024-31551 HIGH
7.5 Apr 26

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete a

Share

CVE-2024-32162 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy