1 results (0.003 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0648 – Yunyou CMS Common.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-0648
17 Jan 2024 — A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This vulnerability affects unknown code of the file /app/index/controller/Common.php. The manipulation of the argument templateFile leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. • https://note.zhaoj.in/share/FO8AL78oAeTS • CWE-434: Unrestricted Upload of File with Dangerous Type •