Lucene search

K

[email protected]NVD:CVE-2024-33438

HistoryApr 29, 2024 - 6:15 p.m.

CVE-2024-33438

2024-04-2918:15:08

[email protected]

web.nvd.nist.gov

cubecart

vulnerability

file upload

arbitrary code

authenticated user

cve-2024-33438

.phar file

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.8%

File Upload vulnerability in CubeCart before 6.5.5 allows an authenticated user to execute arbitrary code via a crafted .phar file.

References

forums.cubecart.com/topic/59046-cubecart-655-released-minor-security-update/

github.com/cubecart/v6

github.com/cubecart/v6/commit/31a5ec39b0924b2111fbc3aa419bd8c5c3fc1841

github.com/julio-cfa/CVE-2024-33438

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.8%

Related for NVD:CVE-2024-33438

cvelist1 osv1 cve1 githubexploit1