Vulnerability — CVE-2023-3240

CVE-2023-3240

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-3240
Description:: A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNews_deal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231511.
Last updated date:: 05/17/2024

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/23/2023
Reference url to background: https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20to%20contain%20an%20arbitrary%20file%20download%20vulenrability%20via%20the%20filename.md