CVE-2023-26956

onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/curd/code.

CVSS v3.0 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

References

Link	Resource
https://github.com/keheying/onekeyadmin/issues/4	Exploit Issue Tracking Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:onekeyadmin:onekeyadmin:1.3.9:*:*:*:*:*:*:*

Information

Published : 2023-03-08 11:15

Updated : 2023-03-17 06:17

NVD link : CVE-2023-26956

Mitre link : CVE-2023-26956

JSON object : View

CWE

CWE-552

Files or Directories Accessible to External Parties

Products Affected

onekeyadmin