CVE-2023-6757

EUVD-2023-58969
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /adplanet/PlanetUser of the component API. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247885 was assigned to this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
VulDBCNA
5.3 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
thecosyicecms
2.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://124.71.147.32:8082/IceCMS3.html
https://vuldb.com/?ctiid.247885
https://vuldb.com/?id.247885
http://124.71.147.32:8082/IceCMS3.html
https://vuldb.com/?ctiid.247885
https://vuldb.com/?id.247885