CVE-2024-27489

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-27489
An issue in the DelFile() function of WMCMS v4.4 allows attackers to delete arbitrary files via a crafted POST request.
CVSS

No CVSS.

References
Link Resource
https://gist.github.com/yyyyy7777777/a36541cb60d9e55628f78f2a68968212
https://gitee.com/y1336247431/poc-public/issues/I920OW
https://gist.github.com/yyyyy7777777/a36541cb60d9e55628f78f2a68968212
https://gitee.com/y1336247431/poc-public/issues/I920OW
Configurations

No configuration.

History

21 Nov 2024, 09:04

Type Values Removed Values Added
References () https://gist.github.com/yyyyy7777777/a36541cb60d9e55628f78f2a68968212 - () https://gist.github.com/yyyyy7777777/a36541cb60d9e55628f78f2a68968212 -
References () https://gitee.com/y1336247431/poc-public/issues/I920OW - () https://gitee.com/y1336247431/poc-public/issues/I920OW -

01 Aug 2024, 13:48

Type Values Removed Values Added
CWE CWE-473
CWE-791

22 Jul 2024, 13:00

Type Values Removed Values Added
Summary
  • (es) Un problema en la función DelFile() de WMCMS v4.4 permite a los atacantes eliminar archivos arbitrarios mediante una solicitud POST manipulada.

19 Jul 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-07-19 15:15

Updated : 2024-11-21 09:04

NVD link : CVE-2024-27489

Mitre link : CVE-2024-27489

CVE.ORG link : CVE-2024-27489

JSON object : View

Products Affected

No product.

CWE
CWE-473

PHP External Variable Modification

CWE-791

Incomplete Filtering of Special Elements


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024