Lucene search

K
prionPRIOn knowledge basePRION:CVE-2024-1260
HistoryFeb 06, 2024 - 10:16 p.m.

Design/Logic Flaw

2024-02-0622:16:00
PRIOn knowledge base
www.prio-n.com
11
design flaw
logic flaw
critical vulnerability
juanpao jpshop
unrestricted upload
remote attack
file upload
api component
public disclosure
vdb-252999
nvd.

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

27.3%

A vulnerability classified as critical has been found in Juanpao JPShop up to 1.5.02. This affects the function actionIndex of the file /api/controllers/admin/app/ComboController.php of the component API. The manipulation of the argument pic_url leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252999.

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

27.3%

Related for PRION:CVE-2024-1260