CVE-2025-2671 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability was found in Yue Lao Blind Box 月老盲盒 up to 4.0. It has been declared as critical. This vulnerability affects the function base64image of the file…
Medium CVSS: 5.3

CVE-2025-2671

A vulnerability was found in Yue Lao Blind Box 月老盲盒 up to 4.0. It has been declared as critical. This vulnerability affects the function base64image of the file /app/controller/Upload.php. The manipulation of the argument data leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Vendor
-
Product
-
CWE
CWE-284
Yayın Tarihi
2025-03-23 22:15:13
Güncelleme
2025-03-23 22:15:13
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-284 MEDIUM 2025

Referanslar

https://vuldb.com/?ctiid.300688 https://vuldb.com/?id.300688 https://vuldb.com/?submit.521169 https://www.jianshu.com/p/f8ca5e3cd889