CVE-2024-1925 | Ctcms 2.1.2 Upsys.php unrestricted upload

Posted by Angelo Barbosa | Feb 27, 2024 | CVE

A vulnerability was found in Ctcms 2.1.2. It has been declared as critical. This vulnerability affects unknown code of the file ctcms/apps/controllers/admin/Upsys.php. The manipulation leads to unrestricted upload.

This vulnerability was named CVE-2024-1925. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-1925 | Ctcms 2.1.2 Upsys.php unrestricted upload

Related Posts

CVE-2024-20399 | Cisco NX-OS up to 10.4(2) CLI os command injection (cisco-sa-nxos-cmd-injection-xD9OhyOP)

CVE-2023-7146 | gopeak MasterLab up to 3.3.10 HTTP POST Request Feature.php sqlInjectDelete phone sql injection

CVE-2021-47086 | Linux Kernel up to 5.15.11 phonet ioctl information disclosure

CVE-2024-24150 | libming 0.4.8 SWF File parseSWF_TEXTRECORD memory leak