CVE-2022-25486

CVE-2022-25486

EPSS 10.0%

CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/CuppaCMS/CuppaCMS/issues/15 https://github.com/CuppaCMS/CuppaCMS/issues/25 https://github.com/hansmach1ne/MyExploits/tree/main/Multiple_LFIs_in_CuppaCMS_alerts