8 matches found
EUVD-2024-35384
Malicious code in bioql PyPI...
CVE-2024-35592
An arbitrary file upload vulnerability in the Upload function of Box-IM v2.0 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2024-35592
An arbitrary file upload vulnerability in the Upload function of Box-IM v2.0 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2024-35592
An arbitrary file upload vulnerability in the Upload function of Box-IM v2.0 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2024-35592
CVE-2024-35592 affects Box-IM, specifically version 2.0. The vulnerability is an arbitrary file upload in the Upload function that enables arbitrary code execution via a crafted PDF file. The available sources indicate a high-severity impact (CVSS 3.1: 9.6, CRITICAL) with network vector, no privi...
CVE-2024-35592
An arbitrary file upload vulnerability in the Upload function of Box-IM v2.0 allows attackers to execute arbitrary code via uploading a crafted PDF file...
Box-IM 安全漏洞
Box-IM is an open source Box-IM chat tool modeled after WeChat. A security vulnerability exists in Box-IM v2.0, which originates from an arbitrary file upload vulnerability in the upload function, allowing an attacker to execute arbitrary code by uploading a well-designed PDF file...
PT-2024-26564 · Box-Im · Box-Im
Name of the Vulnerable Software and Affected Versions: Box-IM version 2.0 Description: The issue allows attackers to execute arbitrary code via uploading a crafted PDF file, exploiting an arbitrary file upload vulnerability in the Upload function. Recommendations: For Box-IM version 2.0, consider...