CVE-2024-1035 | openBI up to 1.0.8 Icon.php uploadIcon image unrestricted upload

Inserito da Angelo Barbosa | Gen 29, 2024 | CVE

A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function uploadIcon of the file /application/index/controller/Icon.php. The manipulation of the argument image leads to unrestricted upload.

This vulnerability was named CVE-2024-1035. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-1035 | openBI up to 1.0.8 Icon.php uploadIcon image unrestricted upload

Post correlati

CVE-2024-44102 | Siemens PP TeleControl Server Basic 1000 to 5000 up to 3.1.2.0 deserialization (ssa-454789)

CVE-2024-10282 | Tenda RX9/RX9 Pro 22.03.02.10/22.03.02.20 SetVirtualServerCfg sub_42EA38 list stack-based overflow

CVE-2023-42957 | Apple watchOS permission

CVE-2024-8529 | LearnPress Plugin up to 4.2.7 on WordPress c_fields sql injection