CVE-2024-0505 | ZhongFuCheng3y Austin 1.0 Upload Material Menu MaterialController.java getFile unrestricted upload

Posted by Angelo Barbosa | Jan 12, 2024 | CVE

A vulnerability was found in ZhongFuCheng3y Austin 1.0 and classified as critical. This issue affects the function getFile of the file com/java3y/austin/web/controller/MaterialController.java of the component Upload Material Menu. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-0505. Access to the local network is required for this attack. Furthermore, there is an exploit available.

CVE-2024-0505 | ZhongFuCheng3y Austin 1.0 Upload Material Menu MaterialController.java getFile unrestricted upload

Related Posts

CVE-2024-42032 | Huawei HarmonyOS/EMUI Contacts Module information disclosure

CVE-2024-5427 | themewinter WPCafe Plugin up to 2.2.24 on WordPress cross site scripting (ID 3095135)

CVE-2024-38735 | N.O.U.S. Open Useful and Simple Event Post Plugin up to 5.9.5 on WordPress path traversal

CVE-2024-0151 | ARM v8-M Security Extensions Requirements on Development Tools unexpected data type