CVE-2024-6945 | Flute CMS 0.2.2.4-alpha Avatar Upload Page ImagesController.php avatar unrestricted upload

Posted by Angelo Barbosa | Jul 20, 2024 | CVE

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been classified as critical. This affects an unknown part of the file app/Core/Http/Controllers/Profile/ImagesController.php of the component Avatar Upload Page. The manipulation of the argument avatar leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2024-6945. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-6945 | Flute CMS 0.2.2.4-alpha Avatar Upload Page ImagesController.php avatar unrestricted upload

Related Posts

CVE-2024-51132 | HAPI FHIR up to 6.3.x Request xml external entity reference

CVE-2024-20880 | Samsung Mobile Devices Bootloader buffer overflow

CVE-2024-9915 | D-Link DIR-619L B1 2.06 /goform/formVirtualServ curTime buffer overflow

CVE-2023-38945 | Multilaser RE160V/RE163V 12.03.01.09_pt/12.03.01.10_pt Web Management Interface cross-site request forgery