mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-31 10:41:19 +00:00
40 lines
1.0 KiB
JSON
40 lines
1.0 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2024-24551",
|
||
|
|
"sourceIdentifier": "vulnerability@ncsc.ch",
|
||
|
|
"published": "2024-06-24T07:15:14.760",
|
||
|
|
"lastModified": "2024-06-24T07:15:14.760",
|
||
|
|
"vulnStatus": "Received",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "vulnerability@ncsc.ch",
|
||
|
|
"type": "Secondary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-434"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-502"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-77"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit/",
|
||
|
|
"source": "vulnerability@ncsc.ch"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|