MEDIUM 6.5

CVE-2026-42679: Path Traversal in Mamunur Rashid Classified Listing (CVSS 6.5)

CVE-2026-42679 is a path traversal vulnerability in Mamunur Rashid Classified Listing that allows authenticated users to read sensitive files outside the application's intended directory structure. An attacker with valid login credentials can craft specially formatted file path requests to access restricted files on the server, potentially exposing configuration data, database backups, or other confidential information. The vulnerability affects Classified Listing versions up through 5.3.8.

Source data · NVD / CISA · public domain

CVSS
3.1 · 6.5 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Weaknesses (CWE)
CWE-22
Affected products
0 configuration(s)
Published / Modified
2026-06-01 / 2026-06-17

NVD description (verbatim)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8.

1 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

This vulnerability exploits improper input validation in file path handling within Classified Listing. The application fails to properly sanitize or restrict user-supplied file paths, enabling directory traversal sequences (such as '../' or similar bypasses) to escape the intended base directory. Because the CVSS vector indicates PR:L (Privileges Required: Low) and UI:N (User Interaction: None), exploitation requires valid authentication but no additional user interaction. The confidentiality impact is rated high, meaning sensitive data exposure is the primary risk. No integrity or availability impact is noted, so file modification or service disruption is not a direct consequence of this flaw.

Business impact

Unauthorized information disclosure represents the primary business risk. Attackers with valid user accounts—whether legitimate users acting maliciously or compromised accounts—can retrieve sensitive files, potentially including database exports, environment configuration files, API keys, or personally identifiable information (PII) of users or administrators. This can lead to regulatory compliance violations (GDPR, CCPA, etc.), reputational harm, and facilitate secondary attacks if credentials or system architecture details are exposed. Organizations relying on Classified Listing for user data management face elevated breach risk until patching occurs.

Affected systems

Mamunur Rashid Classified Listing versions from the earliest tracked version through 5.3.8 are confirmed vulnerable. Organizations running any instance of Classified Listing should verify their installed version against the 5.3.8 threshold. The vulnerability affects any deployment regardless of hosting environment (on-premises or cloud-hosted), though internet-facing instances face higher attack probability. No information is provided regarding versions 5.3.9 or later; consult the vendor advisory to confirm patched versions.

Exploitability

Exploitability is moderate. The attack requires valid authentication credentials, which raises the bar compared to unauthenticated vulnerabilities but remains practical given common scenarios: compromised user accounts, insider threats, or legitimate users with malicious intent. Once authenticated, no complex exploitation steps are needed—simple HTTP requests with manipulated file paths can trigger the vulnerability. The attack leaves minimal forensic traces if logging is not comprehensive, and automated scanning can quickly identify if a target instance is vulnerable.

Remediation

Upgrade Classified Listing to a patched version beyond 5.3.8. Consult the vendor's security advisories and release notes to identify the specific remediated version. As an interim mitigation, restrict file upload and file access functionality to trusted users only, and implement strict network-level access controls limiting who can reach the application. Monitor access logs for suspicious path traversal patterns (e.g., repeated '../' sequences or unusual file requests).

Patch guidance

Check Mamunur Rashid's official repository or website for patch availability. Verify against the vendor advisory the exact version number containing the fix—do not assume any version beyond 5.3.8 is patched without confirmation. Test patches in a non-production environment before deployment to ensure compatibility with existing configurations and data. Plan deployment during a maintenance window to minimize user impact. After patching, validate that the remediation is effective by confirming the application rejects path traversal attempts.

Detection guidance

Monitor web server and application logs for HTTP requests containing path traversal indicators such as '../', '..\', '%2e%2e', or URL-encoded variants. Flag repeated attempts to access system files outside the application's normal data directories. Implement Web Application Firewall (WAF) rules that block or alert on path traversal patterns. Conduct a log review for the period before patching to identify if the vulnerability was exploited. Consider using Static Application Security Testing (SAST) tools on any custom extensions or integrations with Classified Listing to identify similar path traversal weaknesses.

Why prioritize this

Although rated MEDIUM severity with a CVSS score of 6.5, this vulnerability warrants prompt attention because: (1) it enables direct access to sensitive files without integrity or availability safeguards; (2) it requires only valid authentication, which is often easier to obtain than zero-day exploits; (3) information disclosure can trigger compliance violations and fuel follow-on attacks; and (4) the affected product handles user-generated classified listings, likely containing PII. Organizations processing sensitive user data should prioritize patching within their standard update cycle. The lack of KEV status does not indicate low risk—it reflects current lack of active exploitation in the wild, not vulnerability severity.

Risk score, explained

The CVSS 3.1 score of 6.5 (MEDIUM) reflects: high confidentiality impact (C:H) due to unrestricted file read access; no integrity or availability impact (I:N, A:N); low privilege requirement (PR:L), meaning attackers need valid credentials; and low attack complexity (AC:L), allowing straightforward exploitation. This profile is typical for authenticated information disclosure vulnerabilities. Organizations handling sensitive data or operating in regulated environments should apply a higher-risk multiplier internally and treat this as HIGH priority despite the MEDIUM CVSS rating.

Frequently asked questions

Can an attacker without login credentials exploit this vulnerability?

No. The CVSS vector PR:L indicates that authentication is required. An attacker must first obtain valid user credentials, either through compromise, phishing, or legitimate access. However, once authenticated, exploitation is straightforward and requires no additional user interaction.

What versions of Classified Listing need to be updated?

All versions up to and including 5.3.8 are confirmed vulnerable. Verify your installed version and consult the vendor's security advisory to identify the specific patched version available for your release line. Do not assume versions beyond 5.3.8 are patched without explicit confirmation from the vendor.

Will this vulnerability affect my data integrity or service availability?

No. This vulnerability is limited to unauthorized file read access (confidentiality impact). It does not enable attackers to modify files or disrupt the application, so data integrity and system availability should not be directly compromised. However, unauthorized access to configuration or backup files could indirectly facilitate further attacks.

How can I detect if this vulnerability has been exploited in my environment?

Review web server and application logs for suspicious file path requests containing '../', encoded traversal sequences, or unusual attempts to access system directories. Implement WAF rules to alert on path traversal patterns. Compare file access logs before and after any known compromise dates. Consider engaging a forensic specialist if you suspect exploitation.

This analysis is provided for informational purposes and does not constitute professional security advice. Organizations must independently verify all patch version numbers and compatibility against their environment before deployment. Consult the vendor's official security advisory for authoritative remediation guidance. SEC.co assumes no liability for patch installation outcomes or any reliance on this content. Timelines and availability of patches may vary by vendor and distribution channel. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).