a-blog cms Path Traversal Vulnerability in Backup Feature

Vulnerability

A path traversal vulnerability has been identified in a-blog cms versions prior to 3.1.43 and 3.0.47. This vulnerability arises from inadequate path validation in the backup feature, allowing remote authenticated attackers with administrator privileges to access or delete any file on the server.
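The kind of path validation a backup download or delete handler needs, as an added example that is not a-blog cms code and not taken from its patch: the requested name must be a bare file name, and its symlink-resolved path must stay inside the backup directory. The names `resolve_backup` and `UnsafePath`, the directory layout and the sample inputs are hypothetical and constructed for illustration.

```python
import os
import tempfile


class UnsafePath(ValueError):
    """Requested name does not resolve to a file inside the backup directory."""


def resolve_backup(backup_dir, requested):
    """Return the real path of `requested` if it is a regular file in backup_dir."""
    base = os.path.realpath(backup_dir)
    # Accept only a bare file name: no separators, NUL bytes or dot entries.
    bare = os.path.basename(requested) == requested and "\\" not in requested
    if not requested or requested in (".", "..") or "\x00" in requested or not bare:
        raise UnsafePath(f"not a bare file name: {requested!r}")
    # Resolve symlinks first, then check containment on the resolved path.
    candidate = os.path.realpath(os.path.join(base, requested))
    if os.path.commonpath([base, candidate]) != base:
        raise UnsafePath(f"resolves outside backup directory: {requested!r}")
    if not os.path.isfile(candidate):
        raise UnsafePath(f"not a regular file: {requested!r}")
    return candidate


def demo():
    """Run constructed inputs against a temporary directory tree."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        backups = os.path.join(root, "backups")
        os.mkdir(backups)
        outside = os.path.join(root, "config.php")  # file that must stay unreachable
        for path in (os.path.join(backups, "db-2025.sql"), outside):
            with open(path, "w") as fh:
                fh.write("x")
        try:  # symlink inside the backup directory pointing outside it
            os.symlink(outside, os.path.join(backups, "link.sql"))
        except OSError:
            pass  # platform without symlink support: the name is then simply missing
        names = ("db-2025.sql", "../config.php", "link.sql", "/etc/hostname", "missing.sql", "")
        for name in names:
            try:
                resolve_backup(backups, name)
                results[name] = "allowed"
            except UnsafePath:
                results[name] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```

The symlink case passes the bare-name check and is caught only by the containment check on the resolved path, which is why both checks are present.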

Impact

Exploitation of this vulnerability could lead to unauthorized file access or deletion on the server.

Remediation

Users are advised to update a-blog cms to the latest version. For versions 2.11 and earlier, which are no longer supported, no update is available.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 1.0
impact: 5.0
exploitability: 5.0
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.