mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
89 lines
3.0 KiB
JSON
89 lines
3.0 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2023-4297",
|
|
"ASSIGNER": "contact@wpscan.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "The Mmm Simple File List WordPress plugin through 2.3 does not validate the generated path to list files from, allowing any authenticated users, such as subscribers, to list the content of arbitrary directories."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Unknown",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Mmm Simple File List",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"status": "affected",
|
|
"versionType": "semver",
|
|
"version": "0",
|
|
"lessThanOrEqual": "2.3"
|
|
}
|
|
],
|
|
"defaultStatus": "affected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://wpscan.com/vulnerability/9ff85b06-819c-459e-90a9-6151bfd70978",
|
|
"refsource": "MISC",
|
|
"name": "https://wpscan.com/vulnerability/9ff85b06-819c-459e-90a9-6151bfd70978"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "WPScan CVE Generator"
|
|
},
|
|
"source": {
|
|
"discovery": "EXTERNAL"
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Dmitrii"
|
|
},
|
|
{
|
|
"lang": "en",
|
|
"value": "WPScan"
|
|
}
|
|
]
|
|
} |