{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T15:02:32.787","vulnerabilities":[{"cve":{"id":"CVE-2025-67004","sourceIdentifier":"cve@mitre.org","published":"2026-01-09T17:15:53.030","lastModified":"2026-01-23T19:15:52.963","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"** Disputed ** An Information Disclosure vulnerability in CouchCMS 2.4 allow an Admin user to read arbitrary files via traversing directories back after back. It can Disclosure the source code or any other confidential information if weaponize accordingly. NOTE: A community member states that this is not a CouchCMS vulnerability and that if /\\<file> is accessible it is a web-server configuration issue."},{"lang":"es","value":" Disputado  Una vulnerabilidad de revelación de información en CouchCMS 2.4 permite a un usuario administrador leer archivos arbitrarios mediante la navegación de directorios hacia atrás uno tras otro. Puede revelar el código fuente o cualquier otra información confidencial si se explota adecuadamente. NOTA: Un miembro de la comunidad afirma que esto no es una vulnerabilidad de CouchCMS y que si /\\ es accesible es un problema de configuración del servidor web."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:couchcms:couchcms:2.4:*:*:*:*:*:*:*","matchCriteriaId":"2BDD41C8-4BD9-4B50-AB03-B379BB2BA31D"}]}]}],"references":[{"url":"https://gist.github.com/thepiyushkumarshukla/d01f8004c43692f18c75548f4739955a","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/CouchCMS/CouchCMS","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.couchcms.com/","source":"cve@mitre.org","tags":["Product"]}]}}]}