CVE-2024-24202 | ZenTao Community Edition/Biz/Max TXT File /upgrade/control.php unrestricted upload

Inserito da Angelo Barbosa | Feb 8, 2024 | CVE

A vulnerability has been found in ZenTao Community Edition, Biz and Max and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /upgrade/control.php of the component TXT File Handler. The manipulation leads to unrestricted upload.

This vulnerability is known as CVE-2024-24202. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-24202 | ZenTao Community Edition/Biz/Max TXT File /upgrade/control.php unrestricted upload

Post correlati

CVE-2024-22338 | IBM Security Verify Access OIDC Provider up to 23.03 information disclosure (XFDB-279978)

CVE-2021-47045 | Linux Kernel up to 5.11.20/5.12.3 lpfc lpfc_prep_els_iocb null pointer dereference (a09677de458d/9bdcfbed2a9f/8dd1c125f7f8)

CVE-2024-1412 | Memberpress Plugin up to 1.11.26 on WordPress Error cross site scripting

CVE-2024-27967 | Michael Leithold DSGVO All in One for WP Plugin up to 4.3 on WordPress cross-site request forgery