CVE-2024-44871

An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilo:mozilocms:3.0:*:*:*:*:*:*:*

History

13 Sep 2024, 15:28

Type Values Removed Values Added
References () https://github.com/moziloDasEinsteigerCMS/mozilo3.0 - () https://github.com/moziloDasEinsteigerCMS/mozilo3.0 - Product
References () https://github.com/sec-fortress/Exploits/tree/main/CVE-2024-44871 - () https://github.com/sec-fortress/Exploits/tree/main/CVE-2024-44871 - Exploit, Third Party Advisory
First Time Mozilo mozilocms
Mozilo
Summary
  • (es) Una vulnerabilidad de carga de archivos arbitrarios en el componente /admin/index.php de moziloCMS v3.0 permite a los atacantes ejecutar código arbitrario mediante la carga de un archivo manipulado específicamente.
CPE cpe:2.3:a:mozilo:mozilocms:3.0:*:*:*:*:*:*:*

10 Sep 2024, 20:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.2
CWE CWE-434

10 Sep 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-10 17:15

Updated : 2024-09-13 15:28


NVD link : CVE-2024-44871

Mitre link : CVE-2024-44871

CVE.ORG link : CVE-2024-44871


JSON object : View

Products Affected

mozilo

  • mozilocms
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type