CVE-2024-13144

Medium CVSS: 5.3

A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Zhenfeng13

Product

My-blog

CWE

CWE-284

Yayın Tarihi

2025-01-06 00:15:05

Güncelleme

2025-08-22 21:44:51

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-284 My-blog MEDIUM Zhenfeng13 2025

Referanslar

https://github.com/ZHENFENG13/My-Blog/issues/140 https://github.com/ZHENFENG13/My-Blog/issues/140#issue-2759813820 https://vuldb.com/?ctiid.290232 https://vuldb.com/?id.290232 https://vuldb.com/?submit.469220

Benzer Kayıtlar

Medium

CVE-2025-9101

A weakness has been identified in zhenfeng13 My-Blog up to 1.0.0. This issue affects some unknown processing of the file…

Medium

CVE-2025-9100

A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /bl…

Medium

CVE-2025-8740

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unkno…

Medium

CVE-2025-8739

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unkno…

Medium

CVE-2025-3808

A vulnerability has been found in zhenfeng13 My-BBS 1.0 and classified as problematic. This vulnerability affects unknow…

Medium

CVE-2025-3807

A vulnerability, which was classified as critical, was found in zhenfeng13 My-BBS 1.0. This affects the function Upload…