Vulnerabilities > CVE-2022-29720 - Files or Directories Accessible to External Parties vulnerability in 74Cms 74Cmsse 3.5.1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
74cms
CWE-552

Summary

74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php.

Vulnerable Configurations

Part Description Count
Application
74Cms
1