CVE-2023-1681: Xunrui CMS test.php information disclosure
First published: Tue Mar 28 2023(Updated: )
A vulnerability, which was classified as problematic, was found in Xunrui CMS 4.61. Affected is an unknown function of the file /config/myfield/test.php. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224238 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xunruicms | =4.6.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the Xunrui CMS information disclosure vulnerability?
The vulnerability ID for the Xunrui CMS information disclosure vulnerability is CVE-2023-1681.
What is the severity of CVE-2023-1681?
The severity of CVE-2023-1681 is high, with a severity value of 7.5.
What is the affected software of CVE-2023-1681?
The affected software of CVE-2023-1681 is Xunrui CMS 4.61.
What is the CWE number associated with CVE-2023-1681?
The CWE number associated with CVE-2023-1681 is CWE-200.
How can the Xunrui CMS information disclosure vulnerability be exploited?
The Xunrui CMS information disclosure vulnerability can be exploited remotely.
- agent/first-publish-date
- agent/type
- agent/title
- agent/severity
- agent/weakness
- agent/references
- agent/softwarecombine
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- vendor/xunruicms
- canonical/xunruicms
- version/xunruicms/4.6.1