CVE-2024-1260 - OpenCVE

A vulnerability classified as critical has been found in Juanpao JPShop up to 1.5.02. This affects the function actionIndex of the file /api/controllers/admin/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252999.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Juanpao	Jpshop

Configuration 1 [-]

cpe:2.3:a:juanpao:jpshop:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://note.zhaoj.in/share/H73DuWdyifaI
https://vuldb.com/?ctiid.252999
https://vuldb.com/?id.252999

History

No history.

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-02-06T21:31:03.764Z

Updated: 2024-08-01T18:33:25.305Z

Reserved: 2024-02-06T08:28:42.086Z

Link: CVE-2024-1260

Vulnrichment

Updated: 2024-08-01T18:33:25.305Z

NVD

Status : Modified

Published: 2024-02-06T22:16:14.463

Modified: 2024-05-17T02:35:21.193

Link: CVE-2024-1260

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1260", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2024-02-06T08:28:42.086Z", "datePublished": "2024-02-06T21:31:03.764Z", "dateUpdated": "2024-08-01T18:33:25.305Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-02-09T19:13:56.602Z"}, "title": "Juanpao JPShop API ComboController.php actionIndex unrestricted upload", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-434", "lang": "en", "description": "CWE-434 Unrestricted Upload"}]}], "affected": [{"vendor": "Juanpao", "product": "JPShop", "versions": [{"version": "1.5.02", "status": "affected"}], "modules": ["API"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as critical has been found in Juanpao JPShop up to 1.5.02. This affects the function actionIndex of the file /api/controllers/admin/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252999."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in Juanpao JPShop bis 1.5.02 entdeckt. Sie wurde als kritisch eingestuft. Betroffen hiervon ist die Funktion actionIndex der Datei /api/controllers/admin/app/ComboController.php der Komponente API. Durch Beeinflussen des Arguments pic_url mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "timeline": [{"time": "2024-02-06T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2024-02-06T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2024-02-06T09:34:06.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "glzjin (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.252999", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.252999", "tags": ["signature", "permissions-required"]}, {"url": "https://note.zhaoj.in/share/H73DuWdyifaI", "tags": ["broken-link", "exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1260", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-07T15:46:28.121966Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:21:38.431Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.305Z"}, "title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.252999", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.252999", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://note.zhaoj.in/share/H73DuWdyifaI", "tags": ["broken-link", "exploit", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.252999", "tags": ["vdb-entry", "technical-description", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.252999", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://note.zhaoj.in/share/H73DuWdyifaI", "tags": ["broken-link", "exploit", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:33:25.305Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1260", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-07T15:46:28.121966Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:39.509Z"}}], "cna": {"title": "Juanpao JPShop API ComboController.php actionIndex unrestricted upload", "credits": [{"lang": "en", "type": "reporter", "value": "glzjin (VulDB User)"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "affected": [{"vendor": "Juanpao", "modules": ["API"], "product": "JPShop", "versions": [{"status": "affected", "version": "1.5.02"}]}], "timeline": [{"lang": "en", "time": "2024-02-06T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2024-02-06T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2024-02-06T09:34:06.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.252999", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.252999", "tags": ["signature", "permissions-required"]}, {"url": "https://note.zhaoj.in/share/H73DuWdyifaI", "tags": ["broken-link", "exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability classified as critical has been found in Juanpao JPShop up to 1.5.02. This affects the function actionIndex of the file /api/controllers/admin/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252999."}, {"lang": "de", "value": "Es wurde eine Schwachstelle in Juanpao JPShop bis 1.5.02 entdeckt. Sie wurde als kritisch eingestuft. Betroffen hiervon ist die Funktion actionIndex der Datei /api/controllers/admin/app/ComboController.php der Komponente API. Durch Beeinflussen des Arguments pic_url mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-02-09T19:13:56.602Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1260", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:33:25.305Z", "dateReserved": "2024-02-06T08:28:42.086Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2024-02-06T21:31:03.764Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:juanpao:jpshop:*:*:*:*:*:*:*:*", "matchCriteriaId": "36995D4D-14EF-451E-9C08-19CD2AAB3C6D", "versionEndIncluding": "1.5.02", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability classified as critical has been found in Juanpao JPShop up to 1.5.02. This affects the function actionIndex of the file /api/controllers/admin/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252999."}, {"lang": "es", "value": "Una vulnerabilidad ha sido encontrada en Juanpao JPShop hasta 1.5.02 y clasificada como cr\u00edtica. Esto afecta la funci\u00f3n actionIndex del archivo /api/controllers/admin/app/ComboController.php del componente API. La manipulaci\u00f3n del argumento pic_url conduce a una carga sin restricciones. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-252999."}], "id": "CVE-2024-1260", "lastModified": "2024-05-17T02:35:21.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2024-02-06T22:16:14.463", "references": [{"source": "cna@vuldb.com", "tags": ["Broken Link"], "url": "https://note.zhaoj.in/share/H73DuWdyifaI"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?ctiid.252999"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?id.252999"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-434"}], "source": "cna@vuldb.com", "type": "Secondary"}]}