1 results (0.002 seconds)
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2406 – Gacjie Server Upload.php index unrestricted upload
https://notcve.org/view.php?id=CVE-2024-2406
A vulnerability, which was classified as critical, was found in Gacjie Server up to 1.0. This affects the function index of the file /app/admin/controller/Upload.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. • https://note.zhaoj.in/share/7kZiVRqSuiMx https://vuldb.com/?ctiid.256503 https://vuldb.com/?id.256503 • CWE-434: Unrestricted Upload of File with Dangerous Type •