CVE-2022-37191

Publication date

2022-09-13 22:07:19

Family

mitre

State

PUBLISHED

Description

The component "cuppa/api/index.php" of CuppaCMS v1.0 is Vulnerable to LFI. An authenticated user can read system files via crafted POST request using [function] parameter value as LFI payload.