A vulnerability was found in Nanjing Xingyuantu Technology SparkShop up to 1.1.6. It has been rated as critical. This issue affects some unknown processing of the file /api/Common/uploadFile. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-271403.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-07-14T01:31:04.360Z
Updated: 2024-08-01T21:41:04.537Z
Reserved: 2024-07-13T05:40:21.630Z
Link: CVE-2024-6730
Vulnrichment
Updated: 2024-08-01T21:41:04.537Z
NVD
Status : Awaiting Analysis
Published: 2024-07-14T02:15:03.420
Modified: 2024-07-15T13:00:34.853
Link: CVE-2024-6730
Redhat
No data.