Vulnerabilities > CVE-2023-37645 - Exposure of Resource to Wrong Sphere vulnerability in Eyoucms 1.6.3

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
eyoucms
CWE-668
NVD
Published: 2023-07-20
Updated: 2023-07-27

Summary

eyoucms v1.6.3 was discovered to contain an information disclosure vulnerability via the component /custom_model_path/recruit.filelist.txt.

Vulnerable Configurations

Part Description Count
Application
Eyoucms
1

Common Weakness Enumeration (CWE)

References