SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content.
Metrics
Affected Vendors & Products
References
History
Wed, 30 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Skinsoft
Skinsoft s-museum |
|
Weaknesses | CWE-434 | |
CPEs | cpe:2.3:a:skinsoft:s-museum:7.02.3:*:*:*:*:*:*:* | |
Vendors & Products |
Skinsoft
Skinsoft s-museum |
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-02-22T00:00:00
Updated: 2024-10-30T14:01:17.260Z
Reserved: 2024-02-12T00:00:00
Link: CVE-2024-25802
Vulnrichment
Updated: 2024-08-01T23:52:05.855Z
NVD
Status : Awaiting Analysis
Published: 2024-02-22T18:15:48.837
Modified: 2024-11-21T09:01:21.880
Link: CVE-2024-25802
Redhat
No data.