Lucene search

CVE-2024-1659

🗓️ 12 Jun 2024 14:10:15Reported by CERT-PLType

Arbitrary File Upload vulnerability in MegaBIP software allows unauthenticated attacker to upload any file, including PHP code, affecting versions through 5.1

Reporter	Title	Published	Views	Family All 3
NVD	CVE-2024-1659	12 Jun 202414:15	–	nvd
Vulnrichment	CVE-2024-1659 Arbitrary File Upload in MegaBIP	12 Jun 202413:48	–	vulnrichment
Cvelist	CVE-2024-1659 Arbitrary File Upload in MegaBIP	12 Jun 202413:48	–	cvelist

Nvd

Node

megabip megabipRange≤5.10

[
  {
    "defaultStatus": "unaffected",
    "product": "MegaBIP",
    "repo": "https://megabip.pl/pobierz/1",
    "vendor": "Jan Syski",
    "versions": [
      {
        "lessThanOrEqual": "5.10",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
megabip	www.megabip.pl/
gov	www.gov.pl/web/cyfryzacja/rekomendacja-pelnomocnika-rzadu-ds-cyberbezpieczenstwa-dotyczaca-biuletynow-informacji-publicznej
cert	www.cert.pl/posts/2024/06/CVE-2024-1576/
cert	www.cert.pl/en/posts/2024/06/CVE-2024-1576/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Jun 2024 14:15Current

9.6High risk

Vulners AI Score9.6

CVSS39.8

CVSS49.3

EPSS0.00063

SSVC

CWE-434