CVE-2023-1105

8.1 HIGH

📋 TL;DR

This vulnerability allows attackers to control file paths in FlatPress blog software, potentially leading to arbitrary file read or write operations. It affects all FlatPress installations prior to version 1.3 where users can submit file uploads or manipulate file parameters.

💻 Affected Systems

Products:
  • FlatPress
Versions: All versions prior to 1.3
Operating Systems: All platforms running FlatPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires file upload functionality or parameter manipulation capability

⚠️ Risk & Real-World Impact

🔴 Worst Case: Remote code execution via file upload manipulation leading to complete system compromise

🟠 Likely Case: Arbitrary file read/write allowing sensitive data exposure or website defacement

🟢 If Mitigated: Limited impact with proper file permission restrictions and input validation

🌐 Internet-Facing: HIGH - Web applications are directly accessible and vulnerable to unauthenticated attacks
🏢 Internal Only: MEDIUM - Internal users could exploit but requires access to vulnerable interface

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details available in public bounty reports with working proof-of-concept

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.3

Vendor Advisory: https://github.com/flatpressblog/flatpress/commit/5d5c7f6d8f072d14926fc2c3a97cdd763802f170

Restart Required: No

Instructions:

1. Download FlatPress 1.3 or later from the official repository.
2. Back up the current installation.
3. Replace vulnerable files with patched versions.
4. Verify file permissions remain secure.

🔧 Temporary Workarounds

Disable file uploads (Platform: all)

Temporarily disable file upload functionality in FlatPress configuration

Edit fp-config.php and set file upload permissions to false

Web Application Firewall rules (Platform: all)

Block malicious file path patterns in request parameters

Add WAF rules to detect and block path traversal patterns like ../, absolute paths

🧯 If You Can't Patch

  • Implement strict input validation on all file-related parameters
  • Restrict web server permissions to prevent file writes outside designated directories

🔍 How to Verify

Check if Vulnerable:

Check if FlatPress version is below 1.3 in admin panel or fp-config.php

Check Version:

Check fp-config.php for version number or visit /fp-admin/ panel

Verify Fix Applied:

Verify version is 1.3+ and test file upload functionality with malicious path inputs

📡 Detection & Monitoring

Log Indicators:

  • Unusual file path patterns in access logs
  • Failed file write attempts outside expected directories
  • Multiple file upload attempts with path traversal sequences

Network Indicators:

  • HTTP requests containing ../ sequences in file parameters
  • POST requests to file upload endpoints with manipulated paths

SIEM Query:

source="web_logs" AND (uri="*../*" OR params="*../*") AND dest_port=80
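
The query above matches only a literal ../ on port 80. The following is an added example, not part of the advisory or of FlatPress: a log scanner that applies the same indicators to combined-format access log lines on any port, after undoing single and double percent-encoding and treating backslashes as separators. The sample lines are constructed, and the endpoint and parameter names in them are hypothetical.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
DOTDOT_RE = re.compile(r'(?:^|[\\/])\.\.(?:[\\/]|$)')  # ".." as a path segment
ABSOLUTE_RE = re.compile(r'^(?:/|[A-Za-z]:[\\/]|\\\\)')  # /dir, C:\dir, \\host

SAMPLE_LOG = [  # constructed lines; endpoint and parameter names are hypothetical
    '203.0.113.5 - - [01/Mar/2023:10:00:00 +0000] "GET /index.php?page=2 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Mar/2023:10:00:03 +0000] "POST /example/upload?file=..%2F..%2Fnotes.txt HTTP/1.1" 403 0',
    '203.0.113.9 - - [01/Mar/2023:10:00:04 +0000] "GET /example/view?file=%252e%252e%255cnotes.txt HTTP/1.1" 404 0',
    '203.0.113.9 - - [01/Mar/2023:10:00:05 +0000] "GET /example/view?file=/var/www/notes.txt HTTP/1.1" 404 0',
]


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalised."""
    for _ in range(max_rounds):
        value, previous = unquote(value), value
        if value == previous:
            break
    return value


def suspicious_reasons(target):
    """Return the reasons a request target looks like file path manipulation."""
    parts = urlsplit(target)
    reasons = []
    if DOTDOT_RE.search(fully_decode(parts.path)):
        reasons.append("traversal in path")
    for name, raw in parse_qsl(parts.query, keep_blank_values=True):
        value = fully_decode(raw)  # parse_qsl has already decoded one layer
        if DOTDOT_RE.search(value):
            reasons.append(f"traversal in parameter {name}")
        elif ABSOLUTE_RE.match(value):
            reasons.append(f"absolute path in parameter {name}")
    return reasons


def scan(lines):
    """Yield (line_number, method, target, reasons) for each flagged log line."""
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        reasons = suspicious_reasons(match["target"]) if match else []
        if reasons:
            yield number, match["method"], match["target"], reasons


if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

The absolute-path check will also flag legitimate parameters whose values start with a slash, so limit it to file-related parameters when tuning. POST bodies are not in access logs and need WAF or application logging to inspect.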
