CVE-2024-6945 | Flute CMS 0.2.2.4-alpha Avatar Upload Page ImagesController.php avatar unrestricted upload

Posted by Angelo Barbosa | Jul 20, 2024 | CVE

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been classified as critical. This affects an unknown part of the file app/Core/Http/Controllers/Profile/ImagesController.php of the component Avatar Upload Page. The manipulation of the argument avatar leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2024-6945. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-6945 | Flute CMS 0.2.2.4-alpha Avatar Upload Page ImagesController.php avatar unrestricted upload

Related Posts

CVE-2024-33928 | CodeBard Patron Button and Widgets for Patreon Plugin up to 2.2.0 on WordPress cross site scripting

CVE-2023-7161 | Netentsec NS-ASG Application Security Gateway 6.3.1 Login index.php check_VirtualSiteId sql injection

CVE-2024-1940 | themefusecom Brizy Plugin up to 2.4.41 on WordPress cross site scripting

CVE-2024-1472 | WP Maintenance Plugin up to 6.1.6 on WordPress information disclosure