Path traversal vulnerability found in flatpressblog/flatpress
Valid
Reported on Dec 4th 2022
Description
Please check this link:
https://demos4.softaculous.com/FlatPressfgbu50zqaa/fp-content/
Proof of Concept
https://prnt.sc/0UGovVLWcKo7
Impact
Directory traversal (also known as file path traversal) is a web security vulnerability that allows an attacker to read arbitrary files on the server that is running an application. This might include application code and data, credentials for back-end systems, and sensitive operating system files. In some cases, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data or behavior, and ultimately take full control of the server.
We are processing your report and will contact the flatpressblog/flatpress team within 24 hours.
5 months ago
We have contacted a member of the flatpressblog/flatpress team and are waiting to hear back.
5 months ago
The researcher's credibility has increased: +7
The fix bounty has been dropped
This vulnerability has been assigned a CVE
This vulnerability is scheduled to go public on Feb 22nd 2023
Hi Nilabh, the maintainer has the choice to assign a CVE at the point of publishing.
