CVE-2024-25410 | flusity CMS 2.33 update_setting.php unrestricted upload

Inserito da Angelo Barbosa | Feb 26, 2024 | CVE

A vulnerability has been found in flusity CMS 2.33 and classified as critical. This vulnerability affects unknown code of the file update_setting.php. The manipulation leads to unrestricted upload.

This vulnerability was named CVE-2024-25410. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-25410 | flusity CMS 2.33 update_setting.php unrestricted upload

Post correlati

CVE-2024-43235 | Meta Box Plugin up to 5.9.10 on WordPress authorization

CVE-2024-37560 | IqbalRony WP User Switch Plugin up to 1.1.0 on WordPress privileges management

CVE-2024-28635 | SurveyJS Survey Creator up to 1.9.132 title cross site scripting (Issue 5285)

CVE-2017-20191 | Zimbra zm-admin-ajax up to 8.8.1 Form Textbox Field Error XFormItem.js XFormItem.prototype.setError message cross site scripting