CVE-2023-49031

📊 5.1 MEDIUM⚡ 0.0%🎯 1 exploits

📅 Published Mar 3, 2025

📋 Status: Analyzed

Directory Traversal (Local File Inclusion) vulnerability in Tikit (now Advanced) eMarketing platform 6.8.3.0 allows a remote attacker to read arbitrary files and obtain sensitive information via a crafted payload to the filename parameter to the OpenLogFile endpoint.

CVSS v3.1 • 134c704f-9b21-4f2e-91b3-4a467353bcc0

🎯 Affected Products & Systems

1 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	oneadvanced	tikit emarketing	6.8.3.0	Vulnerable	cpe:2.3:a:oneadvanced:tikit_emarketing:6.8.3.0:::::::*

📱

oneadvanced / tikit emarketing

Application

Vulnerable

Version: 6.8.3.0

CPE:

cpe:2.3:a:oneadvanced:tikit_emarketing:6.8.3.0:*:*:*:*:*:*:*

Metrics

5.1 MEDIUMCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Attack Vector:

LOCAL

Complexity:

LOW

Privileges:

NONE

User Interaction:

NONE

Confidentiality:

LOW

Integrity:

LOW

Availability:

NONE

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

5.1 (MEDIUM)v3.1

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

EPSS Details

0.0% (Minimal)0.2th percentile

Last updated: Oct 30, 2025

Exploitation probability within 30 days

Published Date

Mar 3, 2025 (8 months ago)

Last Modified

Jul 11, 2025 (3 months ago)

Security Weaknesses1

CWE-98

Available exploits (1)

🔐 Sign-in Required

References1

NVD