CVE-2024-31615 | ThinkCMF 6.0.9 UeditorController.php unrestricted upload

Posted by Angelo Barbosa | Apr 25, 2024 | CVE

A vulnerability, which was classified as critical, was found in ThinkCMF 6.0.9. Affected is an unknown function of the file UeditorController.php. The manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2024-31615. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-31615 | ThinkCMF 6.0.9 UeditorController.php unrestricted upload

Related Posts

CVE-2024-22433 | Dell Data Protection Search up to 19.6.3 LdapSettings.get_ldap_info file information disclosure (dsa-2024-063)

CVE-2024-7737 | Dassault Systèmes 3DSwymer up to R2024x cross site scripting

CVE-2023-48749 | Salient Core Plugin up to 2.0.2 on WordPress cross site scripting

CVE-2024-40657 | Google Android 12/12L/13/14 AccountTypePreferenceLoader.java addPreferencesForType denial of service