Arbitrary File Read Vulnerability in 74cmsSE Product
CVE-2022-26271
7.5HIGH
What is CVE-2022-26271?
74cmsSE version 3.4.1 contains a vulnerability that allows attackers to read arbitrary files on the server through manipulation of the $url parameter in the Download.php controller. This issue could lead to exposure of sensitive information and poses a significant risk to the security of the affected system.
