Directory Traversal Flaw in WonderCMS Affects File Security
CVE-2019-5956

6.5MEDIUM

Key Information:

Vendor: Wondercms
Status: 2.6.0 And Earlier
Vendor: CVE Published:; 12 September 2019

What is CVE-2019-5956?

A directory traversal vulnerability in WonderCMS versions 2.6.0 and earlier enables remote attackers to manipulate file paths and potentially delete arbitrary files on the server. This serious flaw can be triggered through unspecified vectors, leading to unauthorized access and modifications. Proper validation and sanitization of file paths are critical to mitigate the risks associated with this vulnerability.

Affected Version(s)

2.6.0 and earlier remote attackers

References

http://jvn.jp/en/vu/JVNVU93628467/index.html

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 12, 2019
Vulnerability Reserved
Jan 10, 2019

Wondercms

What is CVE-2019-5956?

Affected Version(s)

References

CVSS V3.1

Timeline