CVE-2024-40553 | Tmall Demo 2024.07.03 uploadUserHeadImage unrestricted upload

Inserito da Angelo Barbosa | Lug 15, 2024 | CVE

A vulnerability was found in Tmall Demo 2024.07.03. It has been rated as critical. This issue affects the function uploadUserHeadImage. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-40553. The attack may be initiated remotely. There is no exploit available.

CVE-2024-40553 | Tmall Demo 2024.07.03 uploadUserHeadImage unrestricted upload

Post correlati

CVE-2024-35225 | jupyterhub jupyter-server-proxy up to 3.2.3/4.2.0 /proxy host cross site scripting (GHSA-fvcq-4×64-hqxr)

CVE-2024-47616 | Pomerium up to 0.27.0 authorization (GHSA-r7rh-jww5-5fjr)

CVE-2024-1744 | Ariva Computer Accord ORS up to 7.3.2.0 information disclosure

CVE-2024-36674 | LyLme_spage 1.9.5 admin/link.php cross site scripting (Issue 91)