Submit #294871: 74CMS 74CMS v3.28.0 File Uploadinfo

Titel	74CMS 74CMS v3.28.0 File Upload
Beschreibung	The function application/v1_0/controller/company/Index.php#sendCompanyLogo has a vulnerability for arbitrary file uploads, requiring only the permissions of any registered frontend company user.
Quelle	⚠️ https://gist.github.com/Southseast/9f5284d8ee0f6d91e72eef73b285512a
Benutzer	Southseast (UID 65123)
Einreichung	07.03.2024 15:17 (vor 2 Jahren)
Moderieren	16.03.2024 08:00 (9 days later)
Status	Akzeptiert
VulDB Eintrag	257060 [74CMS 3.28.0 Company Logo Index.php#sendCompanyLogo imgBase64 erweiterte Rechte]
Punkte	17

Interested in the pricing of exploits?

See the underground prices here!