A vulnerability classified as critical was found in Qiyu iFair up to 23.8_ad0. This vulnerability affects the function
uploadimage
. The manipulation leads to path traversal.
This vulnerability was named CVE-2024-22523. The attack can be initiated remotely. There is no exploit available.