CVE-2024-25274 | Novel-Plus 4.3.0-RC1 /sysFile/upload unrestricted upload

Posted by Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Novel-Plus 4.3.0-RC1. This issue affects some unknown processing of the file /sysFile/upload. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-25274. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-25274 | Novel-Plus 4.3.0-RC1 /sysFile/upload unrestricted upload

Related Posts

CVE-2024-35354 | Diño Physics School Assistant 2.3 Master.php id sql injection

CVE-2022-45362 | Paytm Payment Gateway Plugin up to 2.7.0 on WordPress server-side request forgery

CVE-2024-4550 | Lenovo P360 Workstation BIOS stack-based overflow

CVE-2024-0731 | PCMan FTP Server 2.0.7 PUT Command denial of service