CVE-2024-1036 | openBI up to 1.0.8 Icon Screen.php uploadIcon unrestricted upload

Posted by Angelo Barbosa | Jan 29, 2024 | CVE

A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function uploadIcon of the file /application/index/controller/Screen.php of the component Icon Handler. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-1036. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-1036 | openBI up to 1.0.8 Icon Screen.php uploadIcon unrestricted upload

Related Posts

CVE-2021-22503 | OpenText eDirectory 9.2.3.0000 cross site scripting

CVE-2024-2221 | Qdrant up to 1.7.x upload unrestricted upload

CVE-2024-43199 | Nagios NDOUtils up to 2.1.3 Executable File Privilege Escalation

CVE-2023-52901 | Linux Kernel up to 6.1.7 xhci xhci_get_virt_ep null pointer dereference