CVE-2024-13145 | zhenfeng13 My-Blog 1.0 uploadController. java upload file unrestricted upload

Posted by Angelo Barbosa | Jan 5, 2025 | CVE

A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argument file leads to unrestricted upload.

This vulnerability is known as CVE-2024-13145. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-13145 | zhenfeng13 My-Blog 1.0 uploadController. java upload file unrestricted upload

Related Posts

CVE-2024-38437 | D-Link DSL-225 BZ_1.00.16 authentication bypass

CVE-2024-6551 | GiveWP Plugin up to 3.15.1 on WordPress information disclosure

CVE-2024-28584 | FreeImage 3.19.0 r1909 J2K Image J2KImageToFIBITMAP null pointer dereference

CVE-2024-54227 | theDotstore Minimum and Maximum Quantity for WooCommerce Plugin authorization