CVE-2022-40444: Path Traversal
First published: Thu Sep 22 2022(Updated: )
ZZCMS 2022 was discovered to contain a full path disclosure vulnerability via the page /admin/index.PHP? _server.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zzcms Zzcms | =2022 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-40444?
CVE-2022-40444 is a full path disclosure vulnerability in ZZCMS 2022.
How does the full path disclosure vulnerability in ZZCMS 2022 work?
The vulnerability can disclose sensitive information about the file system path on the server, potentially aiding an attacker in identifying further vulnerabilities or crafting targeted attacks.
What is the severity of CVE-2022-40444?
The severity of CVE-2022-40444 is medium, with a CVSS score of 5.3.
How can I fix the full path disclosure vulnerability in ZZCMS 2022?
To fix the vulnerability, it is recommended to apply the latest patch or update provided by the vendor of ZZCMS 2022. Additionally, make sure to follow secure coding practices and properly handle error messages to avoid exposing sensitive information.
Where can I find more information about CVE-2022-40444?
You can find more information about CVE-2022-40444 on the official GitHub page of ZZCMS.
- collector/nvd-index
- vendor/zzcms
- canonical/zzcms zzcms
- version/zzcms zzcms/2022