Metrics
Affected Vendors & Products
Fri, 27 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Huankemao
Huankemao scrm |
|
CPEs | cpe:2.3:a:huankemao:scrm:*:*:*:*:*:*:*:* | |
Vendors & Products |
Huankemao
Huankemao scrm |
|
Metrics |
ssvc
|
Fri, 27 Sep 2024 11:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability, which was classified as critical, has been found in HuankeMao SCRM up to 0.0.3. Affected by this issue is the function upload_domain_verification_file of the file WxkConfig.php of the component Administrator Backend. The manipulation of the argument domain_verification_file leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |
Title | HuankeMao SCRM Administrator Backend WxkConfig.php upload_domain_verification_file unrestricted upload | |
Weaknesses | CWE-434 | |
References |
| |
Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2024-09-27T11:00:11.336Z
Updated: 2024-09-27T14:58:00.573Z
Reserved: 2024-09-27T05:36:12.811Z
Link: CVE-2024-9278
Updated: 2024-09-27T14:57:55.122Z
Status : Awaiting Analysis
Published: 2024-09-27T11:15:14.877
Modified: 2024-09-30T12:45:57.823
Link: CVE-2024-9278
No data.