CVE-2024-46609 | Thecosy IceCMS up to 3.4.7 UserController.java CheckVip access control

Inserito da Angelo Barbosa | Set 24, 2024 | CVE

A vulnerability was found in Thecosy IceCMS up to 3.4.7. It has been declared as critical. This vulnerability affects the function CheckVip of the file UserController.java. The manipulation leads to improper access controls.

This vulnerability was named CVE-2024-46609. The attack needs to be initiated within the local network. There is no exploit available.

CVE-2024-46609 | Thecosy IceCMS up to 3.4.7 UserController.java CheckVip access control

Post correlati

CVE-2024-6130 | 10Web Form Maker Plugin up to 1.15.25 on WordPress Setting cross site scripting

CVE-2024-30301 | Adobe Acrobat Reader up to 20.005.30539/23.008.20470 use after free (apsb24-07)

CVE-2023-48725 | Netgear RAX30 1.0.7.78/1.0.11.96 HTTP Request getblockschedule stack-based overflow (PSV-2023-0160)

CVE-2024-48246 | Vehicle Management System 1.0 booking.php Name cross site scripting