1 results (0.001 seconds)
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36528
https://notcve.org/view.php?id=CVE-2024-36528
10 Jun 2024 — nukeviet v.4.5 and before and nukeviet-egov v.1.2.02 and before have a Deserialization vulnerability which results in code execution via /admin/extensions/download.php and /admin/extensions/upload.php. • https://mat4mee.notion.site/2-bug-chains-in-nukeViet-lead-to-RCE-bdd42b20b05a448fbe87c752b41bb15f • CWE-502: Deserialization of Untrusted Data •