CVE-2024-13022 | taisan tarzan-cms 1.0.0 Article Management UploadController.java UploadResponse file unrestricted upload (IBCUPG)

Posted by Angelo Barbosa | Dec 28, 2024 | CVE

A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This affects the function UploadResponse of the file src/main/java/com/tarzan/cms/modules/admin/controller/common/UploadController.java of the component Article Management. The manipulation of the argument file leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2024-13022. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-13022 | taisan tarzan-cms 1.0.0 Article Management UploadController.java UploadResponse file unrestricted upload (IBCUPG)

Related Posts

CVE-2024-56312 | payload REDCap up to 15.0.0 Project Dashboard Name cross site scripting

CVE-2023-45316 | Mattermost up to 7.8.14/8.1.5/9.0.3/9.1.2/9.2.1 Telemetry Run ID path traversal

CVE-2024-40597 | CheckUser Extension up to 1.42.1 on MediaWiki Log Entry log_deleted information disclosure

CVE-2024-38143 | Microsoft unknown vulnerability