2 matches found
PT-2024-37984 · Flute Cms · Flute Cms
Name of the Vulnerable Software and Affected Versions: Flute CMS version 0.2.2.4-alpha Description: A critical issue affects the Avatar Upload Page component, specifically the file app/Core/Http/Controllers/Profile/ImagesController.php. The manipulation of the avatar argument leads to unrestricte...
PT-2023-14965 · 72Crm · 72Crm
Name of the Vulnerable Software and Affected Versions: 72crm version 9 Description: The issue is related to an arbitrary file upload vulnerability via the avatar upload function, allowing attackers to execute arbitrary code by uploading a crafted PHP file. Recommendations: For 72crm version 9,...