Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo".
Metrics
Affected Vendors & Products
References
History
Fri, 20 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 20 Sep 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo". | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-20T00:00:00
Updated: 2024-09-20T17:56:17.807Z
Reserved: 2024-06-10T00:00:00
Link: CVE-2024-37879
Vulnrichment
Updated: 2024-09-20T17:56:14.467Z
NVD
Status : Awaiting Analysis
Published: 2024-09-20T17:15:14.970
Modified: 2024-09-26T13:32:55.343
Link: CVE-2024-37879
Redhat
No data.