CVE-2024-42676 | Huizhi Enterprise Resource Management System up to 1.0 DNPageAjaxPostBack /nssys/common/Upload unrestricted upload

Inserito da Angelo Barbosa | Ago 15, 2024 | CVE

A vulnerability classified as critical was found in Huizhi Enterprise Resource Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /nssys/common/Upload of the component DNPageAjaxPostBack. The manipulation leads to unrestricted upload.

This vulnerability is known as CVE-2024-42676. The attack can be launched remotely. There is no exploit available.

CVE-2024-42676 | Huizhi Enterprise Resource Management System up to 1.0 DNPageAjaxPostBack /nssys/common/Upload unrestricted upload

Post correlati

CVE-2023-37187 | C-Blosc2 up to 2.9.2 zfp/blosc2-zfp.c zfp_acc_decompress null pointer dereference (Issue 520)

CVE-2024-30000 | Microsoft unknown vulnerability

CVE-2024-4709 | Fluent Contact Form Plugin up to 5.1.16 on WordPress cross site scripting

CVE-2024-28816 | Student Information Chatbot 1.0 Login index.php username/password sql injection