CVE-2024-0196 | Magic-Api up to 2.0.1 save code injection

Inserito da Angelo Barbosa | Gen 2, 2024 | CVE

A vulnerability has been found in Magic-Api up to 2.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /resource/file/api/save?auto=1. The manipulation leads to code injection.

This vulnerability is known as CVE-2024-0196. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-0196 | Magic-Api up to 2.0.1 save code injection

Post correlati

CVE-2024-36015 | Linux Kernel up to 6.9 ppdev register_device return value (fbf740aeb86a)

CVE-2024-6775 | Google Chrome up to 126.0.6478.126 Media Stream use after free (ID 347373)

CVE-2024-41039 | Linux Kernel up to 6.1.99/6.6.40/6.9.9 cs_dsp buffer overflow

CVE-2024-24150 | libming 0.4.8 SWF File parseSWF_TEXTRECORD memory leak