DDSN Interactive Acora CMS Access Control Vulnerability in File Details Endpoint

Vulnerability

A vulnerability exists in DDSN Interactive Acora CMS version 10.7.1, specifically within the file_details.asp endpoint. This issue arises from incorrect access control, which allows attackers with editor privileges to access sensitive files by sending crafted requests. The vulnerability exploits a flaw in how the CMS manages permissions for file access, potentially leading to unauthorized exposure of confidential information.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive files, potentially leading to the disclosure of confidential information or other related risks, depending on the nature of the accessed files.

Added: Mar 30, 2026, 4:35 PM

Updated: Mar 30, 2026, 4:35 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

5.4

remediation

0.0

relevance

4.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

2.5

exploitability

5.4

remediation

0.0

relevance

4.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DDSN Interactive Acora CMS Access Control Vulnerability in File Details Endpoint

Vulnerability

Impact

Affected Products

DDSN Interactive Acora CMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating