daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2023-37474.yaml

patch-1
Ritik Chaddha 2023-10-11 14:07:22 +05:30 committed by GitHub
parent 57d5228626
commit 17d3db3a62
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
http/cves/2023/CVE-2023-37474.yaml
View File

@ -2,7 +2,7 @@ id: CVE-2023-37474
info:
name: Copyparty <= 1.8.2 - Directory Traversal
author: theamanrawat
author: shankar acharya,theamanrawat
severity: high
description: |
Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
@ -16,8 +16,11 @@ info:
cve-id: CVE-2023-37474
cwe-id: CWE-22
metadata:
verified: "true"
tags: cve,cve2023,directory-traversal,copyparty,unauthenticated
max-request: 1
vendor: copyparty
product: copyparty
verified: true
tags: cve,cve2023,traversal,copyparty
http:
- method: GET