CVE-2024-9660 | dasinfomedia School Management System Plugin up to 91.5.0 on WordPress mj_smgt_load_documets_new/mj_smgt_load_documets unrestricted upload

Inserito da Angelo Barbosa | Nov 23, 2024 | CVE

A vulnerability classified as critical has been found in dasinfomedia School Management System Plugin up to 91.5.0 on WordPress. This affects the function mj_smgt_load_documets_new/mj_smgt_load_documets. The manipulation leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2024-9660. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-9660 | dasinfomedia School Management System Plugin up to 91.5.0 on WordPress mj_smgt_load_documets_new/mj_smgt_load_documets unrestricted upload

Post correlati

CVE-2024-6728 | itsourcecode Tailoring Management System 1.0 typeedit.php id sql injection

CVE-2024-51483 | dgtlmoon changedetection.io up to 0.47.4 path traversal

CVE-2024-31100 | Festi-Team Popup Cart Lite for WooCommerce Plugin up to 1.1 on WordPress cross-site request forgery

CVE-2024-7467 | Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 3.90 Web Interface /vpn/list_ip_network.php sslvpn_config_mod template/stylenum os command injection