๐Ÿ” CVE Alert

CVE-2024-42007

MEDIUM 5.8
CVSS Score
5.8
EPSS Score
0.0%
EPSS Percentile
0th

SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files.

Vendor n/a
Product n/a
Published Jul 26, 2024
Last Updated Aug 19, 2024
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new medium vulnerabilities affecting n/a n/a are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:C/UI:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
None
Availability
None

Affected Versions

n/a / n/a
n/a

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/NoiseByNorthwest/php-spx/issues/251 vicarius.io: https://www.vicarius.io/vsociety/posts/journey-to-discovery-and-exploitation-of-path-traversal-in-php-spx-cve-2024-42007