CVE-2024-10292 | ZZCMS 2023 ChangeTable.php savefilename unrestricted upload

Inserito da Angelo Barbosa | Ott 23, 2024 | CVE

A vulnerability was found in ZZCMS 2023 and classified as critical. This issue affects some unknown processing of the file 3/Ebak5.1/upload/ChangeTable.php. The manipulation of the argument savefilename leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-10292. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-10292 | ZZCMS 2023 ChangeTable.php savefilename unrestricted upload

Post correlati

CVE-2024-36458 | Broadcom Symantec Privileged Access Management up to 3.4.6/4.1.7 PAM unknown vulnerability

CVE-2024-31012 | SEMCMS 4.8 upload.php Privilege Escalation

CVE-2024-25076 | Renesas SmartBond DA14699 Flash Config Section buffer overflow (ATREDIS-2024-0001)

CVE-2024-34467 | ThinkPHP 8.0.3 Cookie think_exception.tpl PHPSESSION information exposure (Issue 2996)