CVE-2024-13191

Medium CVSS: 5.3

A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function upload of the file src/main/java/com/wdd/myblog/controller/admin/uploadController.java. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Vendor

Zerowdd

Product

Myblog

CWE

CWE-284

Yayın Tarihi

2025-01-08 23:15:08

Güncelleme

2025-05-28 20:11:52

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-284 Myblog MEDIUM Zerowdd 2025

Referanslar

https://github.com/ZeroWdd/myblog/issues/3 https://github.com/ZeroWdd/myblog/issues/3#issue-2759839215 https://vuldb.com/?ctiid.290783 https://vuldb.com/?id.290783 https://vuldb.com/?submit.469229 https://github.com/ZeroWdd/myblog/issues/3 https://github.com/ZeroWdd/myblog/issues/3#issue-2759839215

Benzer Kayıtlar

Medium

CVE-2026-2201

A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. Thi…

Medium

CVE-2025-3587

A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects…

Medium

CVE-2024-13192

A vulnerability, which was classified as problematic, was found in ZeroWdd myblog 1.0. Affected is the function update o…

Medium

CVE-2024-13189

A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file sr…

Medium

CVE-2024-13143

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the functi…

Medium

CVE-2024-13142

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects…