CVE-2024-40524
https://notcve.org/view.php?id=CVE-2024-40524
15 Jul 2024 — Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker to execute arbitrary code via the webtool\application.py component. • https://www.yuque.com/iceqaq/rtn9q7/cdd9w9phgxuqy4to • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-3852 – OpenRapid RapidCMS upload.php unrestricted upload
https://notcve.org/view.php?id=CVE-2023-3852
23 Jul 2023 — A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/upload.php. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. • https://github.com/OpenRapid/rapidcms/commit/4dff387283060961c362d50105ff8da8ea40bcbe • CWE-434: Unrestricted Upload of File with Dangerous Type •