Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-36528

June 10, 2024, 6:06 p.m.

Product(s) Impacted

nukeviet

  • 4.5 and before

nukeviet-egov

  • 1.2.02 and before

nukeviet

  • 4.5
  • before 4.5

nukeviet-egov

  • 1.2.02
  • before 1.2.02

Description

nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before have a Deserialization vulnerability which results in code execution via /admin/extensions/download.php and /admin/extensions/upload.php.

Weaknesses

Date

Published: June 10, 2024, 3:15 p.m.

Last Modified: June 10, 2024, 6:06 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References