An arbitrary file upload vulnerability in the component /sysFile/upload of Novel-Plus v4.3.0-RC1 allows attackers to execute arbitrary code via uploading a crafted file.
Metrics
Affected Vendors & Products
References
History
Thu, 29 Aug 2024 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-434 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-02-20T00:00:00
Updated: 2024-08-29T15:34:16.259Z
Reserved: 2024-02-07T00:00:00
Link: CVE-2024-25274
Vulnrichment
Updated: 2024-08-01T23:44:08.332Z
NVD
Status : Awaiting Analysis
Published: 2024-02-20T16:15:10.230
Modified: 2024-08-29T20:36:19.120
Link: CVE-2024-25274
Redhat
No data.