CVE-2024-8294 | FeehiCMS up to 2.1.1 index.php update FriendlyLink[image] unrestricted upload

A vulnerability, which was classified as critical, was found in FeehiCMS up to 2.1.1. This affects the function update of the file /admin/index.php?r=friendly-link%2Fupdate. The manipulation of the argument FriendlyLink[image] leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2024-8294. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8294 | FeehiCMS up to 2.1.1 index.php update FriendlyLink[image] unrestricted upload

Related Posts

CVE-2024-24878 | PT Woo Plugins Portugal CTT Tracking for WooCommerce Plugin up to 2.1 on WordPress cross site scripting

CVE-2024-45101 | Lenovo XClarity Administrator up to 4.0 URL cleartext transmission

CVE-2024-40347 | Hyland Alfresco 23.2.1-r96 htmlid cross site scripting

CVE-2024-20075 | MediaTek MT8789 eemgpu out-of-bounds write (ALPS08713302)