CVE-2024-36528 | NukeViet download.php deserialization

Inserito da Angelo Barbosa | Giu 10, 2024 | CVE

A vulnerability, which was classified as critical, was found in NukeViet. Affected is an unknown function of the file /admin/extensions/download.php. The manipulation leads to deserialization.

This vulnerability is traded as CVE-2024-36528. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-36528 | NukeViet download.php deserialization

Post correlati

CVE-2024-25958 | Dell Grab up to 5.0.4 on Windows default permission (dsa-2024-121)

CVE-2024-41243 | Kashipara Responsive School Management System 3.2.0 Marks Details /smsa/view_marks.php access control

CVE-2024-33593 | RedNao Smart Forms Plugin up to 2.6.91 on WordPress authorization

CVE-2024-46844 | Linux Kernel up to 6.10.9 um setup_one_line initialization