A vulnerability classified as critical has been found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected is an unknown function of the file /slideeditor.php of the component Slide Editor. The manipulation of the argument newSlideFile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. VDB-272070 is the identifier assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/DeepMountains/Mirage/blob/main/CVE4-1.md | Broken Link |
https://vuldb.com/?ctiid.272070 | Permissions Required |
https://vuldb.com/?id.272070 | Third Party Advisory |
https://vuldb.com/?submit.374846 | Third Party Advisory |
Configurations
History
20 Sep 2024, 13:41
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 9.8 |
References | () https://github.com/DeepMountains/Mirage/blob/main/CVE4-1.md - Broken Link | |
References | () https://vuldb.com/?ctiid.272070 - Permissions Required | |
References | () https://vuldb.com/?id.272070 - Third Party Advisory | |
References | () https://vuldb.com/?submit.374846 - Third Party Advisory | |
First Time |
Gargaj wuhu
Gargaj |
|
CPE | cpe:2.3:a:gargaj:wuhu:*:*:*:*:*:*:*:* |
22 Jul 2024, 13:00
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Jul 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-21 10:15
Updated : 2024-09-20 13:41
NVD link : CVE-2024-6948
Mitre link : CVE-2024-6948
CVE.ORG link : CVE-2024-6948
JSON object : View
Products Affected
gargaj
- wuhu
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type