CVE-2024-10412 | Poco-z Guns-Medical 1.0 File Upload /mgr/upload picture cross site scripting (文件上传未过滤 #15)

Posted by Angelo Barbosa | Oct 26, 2024 | CVE

A vulnerability was found in Poco-z Guns-Medical 1.0. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /mgr/upload of the component File Upload. The manipulation of the argument picture leads to cross site scripting.

This vulnerability is known as CVE-2024-10412. The attack can be launched remotely. There is no exploit available.

CVE-2024-10412 | Poco-z Guns-Medical 1.0 File Upload /mgr/upload picture cross site scripting (文件上传未过滤 #15)

Related Posts

CVE-2024-32137 | Solwin User Activity Log Pro Plugin up to 2.3.4 on WordPress sql injection

CVE-2024-5805 | Progress MOVEit Gateway 2024.0.0 SFTP Module improper authentication

CVE-2023-52601 | Linux Kernel up to 6.7.3 jfs dmt_stree array index

CVE-2024-38661 | Linux Kernel up to 6.9.4 modify_bitmap denial of service