CVE-2024-7917 | DouPHP 1.7 Release 20220822 Favicon /admin/system.php site_favicon unrestricted upload

Inserito da Angelo Barbosa | Ago 18, 2024 | CVE

A vulnerability, which was classified as critical, has been found in DouPHP 1.7 Release 20220822. Affected by this issue is some unknown functionality of the file /admin/system.php of the component Favicon Handler. The manipulation of the argument site_favicon leads to unrestricted upload.

This vulnerability is handled as CVE-2024-7917. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-7917 | DouPHP 1.7 Release 20220822 Favicon /admin/system.php site_favicon unrestricted upload

Post correlati

CVE-2024-35307 | Artica Pandora FMS up to 776 Realtime Graph Extension argument injection

CVE-2021-47052 | Linux Kernel up to 5.10.36/5.11.20/5.12.3 sa2ul memory leak

CVE-2023-48689 | Project Worlds Railway Reservation System 1.0 train.php byname sql injection

CVE-2024-26218 | Microsoft unknown vulnerability