Lucene search
K

10 matches found

redhatcve
redhatcve
added 2025/05/23 6:47 a.m.7 views

CVE-2024-46625

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file...

8.8CVSS8.8AI score0.00538EPSS
Exploits0References1
nvd
nvd
added 2024/12/03 11:15 p.m.19 views

CVE-2024-46624

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users...

8.8CVSS0.00422EPSS
Exploits0References1
nvd
nvd
added 2024/12/03 10:15 p.m.13 views

CVE-2024-46625

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file...

8.8CVSS0.00538EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/03 12:0 a.m.12 views

CVE-2024-46625

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file...

7.6AI score0.00538EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/03 12:0 a.m.16 views

CVE-2024-46624

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users...

0.00422EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2024/12/03 12:0 a.m.17 views

CVE-2024-46624

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users...

6.6AI score0.00422EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/12/03 12:0 a.m.6 views

PT-2024-32080 · Infodrom · Infodom Performa 365

Name of the Vulnerable Software and Affected Versions: InfoDom Performa 365 version 4.0.1 Description: The issue is related to an authenticated arbitrary file upload vulnerability in the "/documentCache/upload" endpoint. This allows attackers to execute arbitrary code by uploading a crafted SVG...

8.8CVSS7.5AI score0.00538EPSS
Exploits0References5
cve
cve
added 2024/12/03 12:0 a.m.86 views

CVE-2024-46624

CVE-2024-46624 affects InfoDom Performa 365 v4.0.1. An authenticated attacker can elevate privileges to Administrator by sending a crafted payload to the endpoint /api/users . The available data confirm the vulnerability and impact (high, with access network, low complexity, low privileges requir...

8.8CVSS6.8AI score0.00422EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/03 12:0 a.m.14 views

CVE-2024-46625

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file...

0.00538EPSS
Exploits0References1
cve
cve
added 2024/12/03 12:0 a.m.60 views

CVE-2024-46625

An authenticated arbitrary file upload vulnerability exists in InfoDom Performa 365 v4.0.1 at the /documentCache/upload endpoint. The issue allows an attacker to execute arbitrary code by uploading a crafted SVG file. Connected sources corroborate the affected version and endpoint, and describe t...

8.8CVSS7.8AI score0.00538EPSS
Exploits0References1
Rows per page
Query Builder