Submit #294871: 74CMS 74CMS v3.28.0 File Uploadinfo

Title74CMS 74CMS v3.28.0 File Upload
DescriptionThe function application/v1_0/controller/company/Index.php#sendCompanyLogo has a vulnerability for arbitrary file uploads, requiring only the permissions of any registered frontend company user.
Source⚠️ https://gist.github.com/Southseast/9f5284d8ee0f6d91e72eef73b285512a
User
 Southseast (UID 65123)
Submission03/07/2024 15:17 (2 years ago)
Moderation03/16/2024 08:00 (9 days later)
StatusAccepted
VulDB entry257060 [74CMS 3.28.0 Company Logo Index.php#sendCompanyLogo imgBase64 unrestricted upload]
Points17

PreviousOverviewNext

Want to stay up to date on a daily basis?

Enable the mail alert feature now!