1 results (0.001 seconds)
CVSS: 6.3EPSS: %CPEs: 1EXPL: 1
CVSS: 6.3EPSS: %CPEs: 1EXPL: 1CVE-2024-34906
https://notcve.org/view.php?id=CVE-2024-34906
An arbitrary file upload vulnerability in dootask v0.30.13 allows attackers to execute arbitrary code via uploading a crafted PDF file. Una vulnerabilidad de carga de archivos arbitrarios en dootask v0.30.13 permite a los atacantes ejecutar código arbitrario cargando un archivo PDF manipulado. • https://github.com/kuaifan/dootask/issues/210 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-434: Unrestricted Upload of File with Dangerous Type •