CVE-2024-8409 | ABCD ABCD2 up to 2.2.0-beta-1 /common/show_image.php image path traversal

Inserito da Angelo Barbosa | Set 4, 2024 | CVE

A vulnerability classified as problematic has been found in ABCD ABCD2 up to 2.2.0-beta-1. This affects an unknown part of the file /common/show_image.php. The manipulation of the argument image leads to path traversal: ‘../filedir’.

This vulnerability is uniquely identified as CVE-2024-8409. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8409 | ABCD ABCD2 up to 2.2.0-beta-1 /common/show_image.php image path traversal

Post correlati

CVE-2024-8777 | SYSCOM Group OMFLOW up to 1.2.1.2 LDAP Authentication information disclosure

CVE-2024-6811 | IrfanView WSQ File Parser out-of-bounds write

CVE-2024-35753 | TemplatesNext OnePager Plugin up to 1.3.3 on WordPress cross site scripting

CVE-2021-47213 | Linux Kernel up to 5.15.4 NFSD nfsd4_decode_bitmap state issue (10c22d9519f3/c0019b7db1d7)