CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter.

Published Dec 29, 2025

https://github.com/advisories/GHSA-g5p6-3j82-xfm4

CVSS ScoreHigh

7.5

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2024-42718

A path traversal vulnerability in Croogo CMS 4.0.7 allows remote attackers to read arbitrary files via a specially crafted path in the 'edit-file' parameter.

Published Dec 29, 2025

https://github.com/advisories/GHSA-g5p6-3j82-xfm4

CVSS ScoreHigh

7.5


composer	croogo/croogo	2.3.3
composer	croogo/croogo	3.0.0-alpha.1
composer	croogo/croogo	3.0.0-alpha.2
composer	croogo/croogo	3.0.0-alpha.3
composer	croogo/croogo	3.0.0-alpha.4
composer	croogo/croogo	3.0.0-beta.1
composer	croogo/croogo	3.0.0
composer	croogo/croogo	3.0.1
composer	croogo/croogo	3.0.2
composer	croogo/croogo	3.0.3
composer	croogo/croogo	3.0.4
composer	croogo/croogo	3.0.5
composer	croogo/croogo	3.0.6
composer	croogo/croogo	3.0.7
composer	croogo/croogo	4.0.0-alpha.2
composer	croogo/croogo	4.0.0-beta.1
composer	croogo/croogo	4.0.0-beta.2
composer	croogo/croogo	4.0.0-beta.3
composer	croogo/croogo	4.0.0-beta.4
composer	croogo/croogo	4.0.0
composer	croogo/croogo	4.0.1
composer	croogo/croogo	4.0.2
composer	croogo/croogo	4.0.3
composer	croogo/croogo	4.0.4
composer	croogo/croogo	4.0.5
composer	croogo/croogo	4.0.6
composer	croogo/croogo	4.0.7
composer	croogo/croogo	v2.0.0
composer	croogo/croogo	v2.1.0
composer	croogo/croogo	v2.1.1
composer	croogo/croogo	v2.1.2
composer	croogo/croogo	v2.2.0
composer	croogo/croogo	v2.2.1
composer	croogo/croogo	v2.2.2
composer	croogo/croogo	v2.2.3
composer	croogo/croogo	v2.2.4
composer	croogo/croogo	v2.3.0
composer	croogo/croogo	v2.3.1
composer	croogo/croogo	v2.3.2

Ecosystem	Package	Version


composer	croogo/croogo	2.3.3
composer	croogo/croogo	3.0.0-alpha.1
composer	croogo/croogo	3.0.0-alpha.2
composer	croogo/croogo	3.0.0-alpha.3
composer	croogo/croogo	3.0.0-alpha.4
composer	croogo/croogo	3.0.0-beta.1
composer	croogo/croogo	3.0.0
composer	croogo/croogo	3.0.1
composer	croogo/croogo	3.0.2
composer	croogo/croogo	3.0.3
composer	croogo/croogo	3.0.4
composer	croogo/croogo	3.0.5
composer	croogo/croogo	3.0.6
composer	croogo/croogo	3.0.7
composer	croogo/croogo	4.0.0-alpha.2
composer	croogo/croogo	4.0.0-beta.1
composer	croogo/croogo	4.0.0-beta.2
composer	croogo/croogo	4.0.0-beta.3
composer	croogo/croogo	4.0.0-beta.4
composer	croogo/croogo	4.0.0
composer	croogo/croogo	4.0.1
composer	croogo/croogo	4.0.2
composer	croogo/croogo	4.0.3
composer	croogo/croogo	4.0.4
composer	croogo/croogo	4.0.5
composer	croogo/croogo	4.0.6
composer	croogo/croogo	4.0.7
composer	croogo/croogo	v2.0.0
composer	croogo/croogo	v2.1.0
composer	croogo/croogo	v2.1.1
composer	croogo/croogo	v2.1.2
composer	croogo/croogo	v2.2.0
composer	croogo/croogo	v2.2.1
composer	croogo/croogo	v2.2.2
composer	croogo/croogo	v2.2.3
composer	croogo/croogo	v2.2.4
composer	croogo/croogo	v2.3.0
composer	croogo/croogo	v2.3.1
composer	croogo/croogo	v2.3.2

Find vulnerabilities. Fix fast with AI.

CVE-2024-42718

CVE-2024-42718