CVE-2024-57170

Published: Mar 18, 2025

Modified: Mar 25, 2025

PUBLISHED

Description

SOPlanning 1.53.00 is vulnerable to a directory traversal issue in /process/upload.php. The "fichier_to_delete" parameter allows authenticated attackers to specify file paths containing directory traversal sequences (e.g., ../). This vulnerability enables attackers to delete arbitrary files outside the intended upload directory, potentially leading to denial of service or disruption of application functionality.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://themcsam.github.io/posts/so-planing-vulnerabilities/#arbitrary-file-deletion

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-57170

Description

Affected Products

References