A vulnerability was found in Dreamer CMS up to 4.1.3. It has been classified as problematic. Affected is an unknown function of the file /upload/ueditorConfig?action=config. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238632. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
History

Thu, 21 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2023-09-03T23:00:06.540Z

Updated: 2024-11-21T14:49:14.520Z

Reserved: 2023-09-03T06:35:39.468Z

Link: CVE-2023-4743

cve-icon Vulnrichment

Updated: 2024-08-02T07:37:59.689Z

cve-icon NVD

Status : Modified

Published: 2023-09-03T23:15:40.147

Modified: 2024-11-21T08:35:52.860

Link: CVE-2023-4743

cve-icon Redhat

No data.