CVE-2024-50660
File Upload Bypass was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the file upload functionality
CVE-2024-50659
Cross Site Scripting vulnerability iPublish Media Solutions AdPortal 3.0.39 allows a remote attacker to escalate privileges via the shippingAsBilling parameter in updateuserinfo.html.
CVE-2024-50658
Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the shippingAsBilling and firstname parameters in updateuserinfo.html file