Vulnerabilities > CVE-2024-34314 - Unspecified vulnerability in Cmseasy 7.7.7.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
CmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fetch_action method of /admin/template_admin.php. This vulnerability allows attackers to read arbitrary files.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |