CVE-2024-36531

June 10, 2024, 6:06 p.m.

Tags

cve@mitre.org
2024-06-10
CVE-2024-36531

Product(s) Impacted

nukeviet

  • 4.5 and before

nukeviet-egov

  • 1.2.02 and before

nukeviet

  • 4.5
  • before

nukeviet-egov

  • 1.2.02
  • before

Description

nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before are vulnerable to arbitrary code execution via the /admin/extensions/upload.php component.

Weaknesses

Date

Published: June 10, 2024, 3:15 p.m.

Last Modified: June 10, 2024, 6:06 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://mat4mee.notion.site/Module-upload-in-nukeViet-leads-to-RCE-01ff3ff4c80d402d8c7c8a2b15a24c33
cve@mitre.org