2 matches found
CVE-2024-1260
creationtimestamp| type| source ---|---|--- 2024-02-06 23:31:32+00:00| seen| https://t.me/ctinow/180402 2024-03-01 08:41:24+00:00| seen| https://t.me/ctinow/197393 2025-05-07 20:23:03+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15421...
CVE-2024-1260
The CVE-2024-1260 issue affects Juanpao JPShop up to version 1.5.02, specifically the API component’s /api/controllers/admin/app/ComboController.php actionIndex. The root cause is improper handling of the pic_url parameter, enabling unrestricted uploads and enabling remote exploitation; multiple ...