CVE-2024-34193

High | 7.5
No Exploit

Plain English Summary

This vulnerability allows an attacker to read any file on the server by manipulating the file parameter in a specific PHP interface. It occurs in version 3.2.7 of smanga and does not require any special access, making it a significant risk for exposed systems.

Technical Description

smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading.

CVSS Vector Analysis

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Confidentiality Impact: High
Integrity Impact: None
Availability Impact: None
Scope: Unchanged

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Est. Bounty: $2,053 ($1K-$5K)
Vendor Response: Grade F, patched in 647 days

Quick Information

Published: May 20, 2024 (almost 2 years ago)
Last Modified: Feb 27, 2026 (about 1 month ago)
Vendor: lkw199711
Product: smanga