CVE-2024-6083 | PHPVibe 11.0.46 Media Upload Page upload-mp3.php file unrestricted upload

Inserito da Angelo Barbosa | Giu 17, 2024 | CVE

A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Affected is an unknown function of the file /app/uploading/upload-mp3.php of the component Media Upload Page. The manipulation of the argument file leads to unrestricted upload.

This vulnerability is traded as CVE-2024-6083. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6083 | PHPVibe 11.0.46 Media Upload Page upload-mp3.php file unrestricted upload

Post correlati

CVE-2021-47092 | Linux Kernel up to 5.15.11 VMX nested.c __vmx_handle_exit denial of service (e4e4e7cb2298/a80dfc025924)

CVE-2024-5966 | Grey Opaque Plugin up to 2.0.1 on WordPress Download-Button Shortcode cross site scripting

CVE-2023-48380 | Softnext Mail SQR Expert up to 230330 os command injection

CVE-2024-31140 | JetBrains TeamCity prior 2024.03 Tools improper validation of consistency within input