CVE-2024-8338 | HFO4 shudong-share 2.4.7 File Extension fileReceive.php file unrestricted upload

A vulnerability was found in HFO4 shudong-share 2.4.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /includes/fileReceive.php of the component File Extension Handler. The manipulation of the argument file leads to unrestricted upload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is known as CVE-2024-8338. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-8338 | HFO4 shudong-share 2.4.7 File Extension fileReceive.php file unrestricted upload

Related Posts

CVE-2024-4940 | Gradio URLs redirect

CVE-2021-47046 | Linux Kernel up to 5.10.36/5.11.20/5.12.3 DRM hdmi_14_process_transaction off-by-one

CVE-2022-1760 | Core Control Plugin up to 1.2.1 on WordPress Setting cross-site request forgery

CVE-2024-22416 | pyLoad up to 0.5.0b3.dev77 API cross-site request forgery (GHSA-pgpj-v85q-h5fm)