CVE-2024-1198 | openBI up to 6.0.3 Phar User.php addxinzhi outimgurl deserialization

Inserito da Angelo Barbosa | Feb 2, 2024 | CVE

A vulnerability, which was classified as critical, was found in openBI up to 6.0.3. Affected is the function addxinzhi of the file application/controllers/User.php of the component Phar Handler. The manipulation of the argument outimgurl leads to deserialization.

This vulnerability is traded as CVE-2024-1198. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-1198 | openBI up to 6.0.3 Phar User.php addxinzhi outimgurl deserialization

Post correlati

CVE-2024-5152 | ElementsReady Addons for Elementor Plugin up to 6.1.0 on WordPress cross site scripting

CVE-2024-28671 | DedeCMS 5.7 stepselect_main.php cross-site request forgery

CVE-2024-32268 | Tuya U6N 3.2.5 Packet denial of service

CVE-2024-22140 | Cozmoslabs Profile Builder Pro Plugin up to 3.10.0 on WordPress cross-site request forgery