Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2024-42640

🗓️ 11 Oct 2024 00:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 67 Views🌐 WEB

angular-base64-upload v0.1.21 unauthenticated remote code execution vul

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for CVE-2024-42640
9 Oct 202414:35
githubexploit
GithubExploit		Exploit for CVE-2024-42640
19 Nov 202423:54
githubexploit
Circl		CVE-2024-42640
11 Oct 202421:43
circl
CNNVD		angular-base64-upload 安全漏洞
11 Oct 202400:00
cnnvd
Cvelist		CVE-2024-42640
11 Oct 202400:00
cvelist
Exploit DB		Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE)
4 Apr 202500:00
exploitdb
Exploit DB		Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)
17 Apr 202500:00
exploitdb
Github Security Blog		angular-base64-upload vulnerable to unauthenticated remote code execution
11 Oct 202418:32
github
Nuclei		Angular-Base64-Upload - Remote Code Execution
2 Jun 202610:14
nuclei
NVD		CVE-2024-42640
11 Oct 202416:15
nvd
Rows per page
Vulnrichment
Node
angular-base64-upload-projectangular-base64-uploadRange00.1.21
ParameterPositionPathDescriptionCWE
base64request body/bower_components/angular-base64-upload/demo/server.phpUnauthenticated upload endpoint enabling arbitrary content upload leading to code execution via angular-base64-upload/demo/server.phpCWE-434
filenamerequest body/bower_components/angular-base64-upload/demo/server.phpUnauthenticated upload endpoint enabling arbitrary content upload leading to code execution via angular-base64-upload/demo/server.phpCWE-434
base64request body/node_modules/angular-base64-upload/demo/server.phpUnauthenticated upload endpoint enabling arbitrary content upload leading to code execution via angular-base64-upload/demo/server.phpCWE-434
filenamerequest body/node_modules/angular-base64-upload/demo/server.phpUnauthenticated upload endpoint enabling arbitrary content upload leading to code execution via angular-base64-upload/demo/server.phpCWE-434

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
15 Apr 2026 00:35Current
8.1High risk
Vulners AI Score8.1
CVSS 3.19.8
EPSS0.89192
SSVC
CWE-434In Wild
angular-base64-uploadunauthenticatedremote code executionserver vulnerabilityproduct support
67