3 matches found
CVE-2024-25802
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content...
CVE-2024-25802
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content...
CVE-2024-25802
Affected software: SKINsoft S-Museum 7.02.3. Vulnerability: Unrestricted file upload via the Add Media function. The attack payload, in this case, is the file content (not the filename). Root cause / nature: Arbitrary file upload capability exists in the Add Media workflow. Impact (as stated): Hi...