CVE-2024-13984 | Qi’anxin TianQing Management Center up to 6.7.0.4130 Multipart Form /rptsvr/upload filename file inclusion

Inserito da Angelo Barbosa | Ago 28, 2025 | CVE

A vulnerability has been found in Qi’anxin TianQing Management Center up to 6.7.0.4130 and classified as critical. This affects an unknown part of the file /rptsvr/upload of the component Multipart Form Handler. The manipulation of the argument filename leads to file inclusion.

This vulnerability is listed as CVE-2024-13984. The attack may be initiated remotely. There is no available exploit.

CVE-2024-13984 | Qi’anxin TianQing Management Center up to 6.7.0.4130 Multipart Form /rptsvr/upload filename file inclusion

Post correlati

CVE-2025-7517 | code-projects Online Appointment Booking System 1.0 /getDay.php cidval sql injection

CVE-2025-5725 | SourceCodester Student Result Management System 1.0 Grading System Page grading-system Remark cross site scripting

CVE-2024-43383 | Apache Lucene.Net.Replicator up to 4.8.0-beta00016 Privilege Escalation

CVE-2023-6609 | osCommerce 4 all-products keywords cross site scripting