2 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Vvveb Vvvebjs
CVE-2024-29272 This is a Proof-of-Concept fo...
CVE-2024-29272
CVE-2024-29272 affects VvvebJs prior to 1.7.5. An unauthenticated attacker can upload arbitrary files via the sanitizeFileName parameter in save.php, enabling potential remote code execution and exposure of sensitive data. The CVSSv3.1 base score is 6.5 (Medium) with network attack vector, no pri...