CVE-2024-13191 | ZeroWdd myblog 1.0 uploadController.java upload file unrestricted upload

Posted by Angelo Barbosa | Jan 8, 2025 | CVE

A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function upload of the file src/main/java/com/wdd/myblog/controller/admin/uploadController.java. The manipulation of the argument file leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-13191. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-13191 | ZeroWdd myblog 1.0 uploadController.java upload file unrestricted upload

Related Posts

CVE-2024-39207 | lua-shmem 1.0-1 shmem_write buffer overflow

CVE-2024-30041 | Microsoft Bing Search on iOS protection mechanism

CVE-2024-3274 | D-Link DNS-320L/DNS-320LW/DNS-327L up to 20240403 HTTP GET Request /cgi-bin/info.cgi information disclosure

CVE-2024-23208 | Apple tvOS memory corruption