.. / CVE-2023-45855

Exploit for qdPM 9.2 - Directory Traversal (CVE-2023-45855)

Description:

qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI.

Nuclei Template

View the template here CVE-2023-45855.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-45855.yaml
Copy

References:

https://qdpm.net
https://github.com/SunshineOtaku/Report-CVE/blob/main/qdPM/9.2/Directory%20Traversal.md
https://nvd.nist.gov/vuln/detail/CVE-2023-45855