How severe is CVE-2023-7098?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2023-7098?

This is classified as CWE-24, which is a common weakness in software security.

CVE-2023-7098

MEDIUM Year: 2023

CVSS v3 Score

5.3

Medium

CVSS v2 Score

2.1

Low

Weakness Type

CWE-24

View all →

Vulnerability Description

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic was found in icret EasyImages 2.8.3. This vulnerability affects unknown code of the file app/hide.php. The manipulation of the argument key leads to path traversal: '../filedir'. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-248950 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2023-4171

MEDIUM

CVSS:5.3(Medium)

A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. T...

CWE-242023

CVE-2024-0465

MEDIUM

CVSS:5.3(Medium)

A vulnerability classified as problematic was found in code-projects Employee Profile Management System 1.0. This vulnerability affects unknown code of the file download.php. The manipulation of the a...

CWE-242024

CVE-2024-1459

MEDIUM

CVSS:5.3(Medium)

A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which m...

CWE-242024

CVE-2025-32807

MEDIUM

CVSS:5.3(Medium)

A path traversal vulnerability in FusionDirectory before 1.5 allows remote attackers to read arbitrary files on the host that end with .png (and .svg or .xpm for some configurations) via the icon para...

CWE-242025

CVE-2023-7041

MEDIUM

CVSS:5.4(Medium)

A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. ...

CWE-242023

CVE-2024-3218

MEDIUM

CVSS:5.4(Medium)

A vulnerability classified as critical has been found in Shibang Communications IP Network Intercom Broadcasting System 1.0. This affects an unknown part of the file /php/busyscreenshotpush.php. The m...

CWE-242024

CVE-2023-7098

Vulnerability Description

Related Vulnerabilities

CVE-2023-4171

CVE-2024-0465

CVE-2024-1459

CVE-2025-32807

CVE-2023-7041

CVE-2024-3218