CVE-2024-29272 | VvvebJs up to 1.7.4 save.php sanitizeFileName Remote Code Execution (Issue 343)

Inserito da Angelo Barbosa | Mar 22, 2024 | CVE

A vulnerability classified as critical was found in VvvebJs up to 1.7.4. This vulnerability affects unknown code of the file save.php. The manipulation of the argument sanitizeFileName leads to Remote Code Execution.

This vulnerability was named CVE-2024-29272. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29272 | VvvebJs up to 1.7.4 save.php sanitizeFileName Remote Code Execution (Issue 343)

Post correlati

CVE-2024-23861 | Cups Easy 1.0 URL unitofmeasurementcreate.php unitofmeasurementid cross site scripting

CVE-2024-7604 | Logsign Unified SecOps Platform improper authentication (ZDI-24-1104)

CVE-2023-32852 | MediaTek MT6779 Cameraisp information disclosure (ALPS07670971)

CVE-2024-36496 | Faronics WINSelect Standard/WINSelect Enterprise prior 8.30.xx.903 Configuration File hard-coded credentials