Back

CVE-2024-36811

June 7, 2024, 7:24 p.m.

Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

Products

aimeos-core

  • v2024.04

Source

cve@mitre.org

Tags

cve@mitre.org
2024-06-07
CVE-2024-36811

CVE-2024-36811 details

Published : June 7, 2024, 7:15 p.m.
Last Modified : June 7, 2024, 7:24 p.m.

Description

An arbitrary file upload vulnerability in the image upload function of aimeos-core v2024.04 allows attackers to execute arbitrary code via uploading a crafted PHP file.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://drive.google.com/file/d/1QJWwaDB6smLCuNp10yZKWgpELTQJax31/view?usp=sharing cve@mitre.org
https://drive.google.com/file/d/1n5_t-zmKHbx3H47xdhR5kuHTDc0Gxur3/view?usp=sharing cve@mitre.org
https://github.com/aimeos/aimeos-core/commit/13e163126adff48f987b3b6faca28551effe0205 cve@mitre.org
https://github.com/aimeos/aimeos-core/commit/5eea7aa933ac7402044bc6d282f96fba44475ee2 cve@mitre.org
https://github.com/ssshah2131/CVE/blob/main/Aimeos_RCE cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.