CVE-2024-3804 | Vesystem Cloud Desktop up to 20240408 fileupload2.php file unrestricted upload

A vulnerability, which was classified as critical, has been found in Vesystem Cloud Desktop up to 20240408. This issue affects some unknown processing of the file /Public/webuploader/0.1.5/server/fileupload2.php. The manipulation of the argument file leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-3804. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3804 | Vesystem Cloud Desktop up to 20240408 fileupload2.php file unrestricted upload

Related Posts

CVE-2023-49096 | Jellyfin up to 10.8.12 /Videos//stream argument injection

CVE-2023-6449 | Contact Form 7 Plugin up to 5.8.3 on WordPress unrestricted upload

CVE-2024-32536 | Trade Pips WP TradingView Plugin up to 1.7 on WordPress cross site scripting

CVE-2024-39517 | Juniper Networks Junos OS/Junos OS Evolved Layer 2 Address Learning Daemon unusual condition (JSA79175)