A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been classified as critical. This affects an unknown part of the file app/Core/Http/Controllers/Profile/ImagesController.php of the component Avatar Upload Page. The manipulation of the argument avatar leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-272067.
Metrics
Affected Vendors & Products
References
History
Thu, 05 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Flute-cms
Flute-cms flute |
|
CPEs | cpe:2.3:a:flute-cms:flute:0.2.2.4:alpha:*:*:*:*:*:* | |
Vendors & Products |
Flute-cms
Flute-cms flute |
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-07-21T08:00:06.875Z
Updated: 2024-08-01T21:45:38.371Z
Reserved: 2024-07-20T10:06:03.134Z
Link: CVE-2024-6945
Vulnrichment
Updated: 2024-08-01T21:45:38.371Z
NVD
Status : Analyzed
Published: 2024-07-21T08:15:07.140
Modified: 2024-09-05T16:14:31.237
Link: CVE-2024-6945
Redhat
No data.