CVE-2024-28441 | magicflue up to 7.0 mail/mailupdate.jsp messageid unrestricted upload

Posted by Angelo Barbosa | Mar 22, 2024 | CVE

A vulnerability was found in magicflue up to 7.0. It has been classified as critical. This affects an unknown part of the file mail/mailupdate.jsp. The manipulation of the argument messageid leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2024-28441. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-28441 | magicflue up to 7.0 mail/mailupdate.jsp messageid unrestricted upload

Related Posts

CVE-2024-2535 | MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 /admin/users.php id cross site scripting

CVE-2024-0731 | PCMan FTP Server 2.0.7 PUT Command denial of service

CVE-2024-2856 | Tenda AC10 16.03.10.13/16.03.10.20 /goform/SetSysTimeCfg fromSetSysTime timeZone stack-based overflow

CVE-2024-7605 | HelloAsso Plugin up to 1.1.10 on WordPress Options Update authorization