| Title | xiaohe4966 TpMeCMS v1.3.3.1 Path Traversal |
|---|
| Description | TpMeCMS is an open-source backend framework based on PHP+Bootstrap, meticulously crafted for developers. It is built on two mainstream technologies, ThinkPHP and Bootstrap, and features a comprehensive permission management system and powerful functions such as one-click CRUD generation.
TpMeCMS is committed to improving development efficiency, reducing development costs, while ensuring the stability and security of the backend system. Open-source address: https://github.com/xiaohe4966/TpMeCMS/
TpMeCMS versions <= v1.3.3.1 have a vulnerability that allows arbitrary file reading, which can be exploited by attackers to obtain sensitive system information.
|
|---|
| Source | ⚠️ https://wiki.shikangsi.com/post/share/12da81ed-2dad-4a75-9b1a-db9afe1e7b7b |
|---|
| User | wiki (UID 72124) |
|---|
| Submission | 09/08/2024 12:03 (2 years ago) |
|---|
| Moderation | 09/15/2024 07:26 (7 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 277508 [xiaohe4966 TpMeCMS up to 1.3.3.1 /index/ajax/lang path traversal] |
|---|
| Points | 20 |
|---|