CVE-2024-43033 | JPress up to 5.1.1 on Windows AttachmentController unrestricted upload (Issue 188)

Inserito da Angelo Barbosa | Ago 22, 2024 | CVE

A vulnerability classified as critical was found in JPress up to 5.1.1 on Windows. This vulnerability affects the function AttachmentController. The manipulation leads to unrestricted upload.

This vulnerability was named CVE-2024-43033. The attack can be initiated remotely. There is no exploit available.

CVE-2024-43033 | JPress up to 5.1.1 on Windows AttachmentController unrestricted upload (Issue 188)

Post correlati

CVE-2024-0317 | FireEye EX 9.0.3.936727 type/s_f_name cross site scripting

CVE-2023-49807 | WESEEK GROWI up to 5.x MathJax cross site scripting

CVE-2024-20508 | Cisco UTD SNORT IPS Engine Software up to 17.15.1a HTTP heap-based overflow (cisco-sa-utd-snort3-dos-bypas-b4OUEwxD)

CVE-2024-23772 | Quest KACE Agent 12.0.38/13.1.23.0 on Windows KSchedulerSvc.exe Local Privilege Escalation