CVE-2024-7551 | juzaweb CMS up to 3.4.2 Theme Editor default path traversal
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been classified as problematic. Affected is an unknown function of the file /admin-cp/theme/editor/default of the component Theme Editor. The manipulation leads to path traversal.
This vulnerability is traded as CVE-2024-7551. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.