CVE-2024-46625

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file...

CVE-2024-46624

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users...

CVE-2024-46624

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users...

CVE-2024-46625

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file...

InfoDom Performa 安全漏洞

InfoDom Performa is a digital platform for change management from InfoDom. A security vulnerability exists in InfoDom Performa version 365 4.0.1, which stems from a vulnerability that allows authenticated attackers to elevate their privileges via a specially crafted payload sent to /api/users...

CVE-2024-46624

CVE-2024-46624 affects InfoDom Performa 365 v4.0.1. An authenticated attacker can elevate privileges to Administrator by sending a crafted payload to the endpoint /api/users . The available data confirm the vulnerability and impact (high, with access network, low complexity, low privileges requir...

CVE-2024-46625

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file...

CVE-2024-46625

An authenticated arbitrary file upload vulnerability exists in InfoDom Performa 365 v4.0.1 at the /documentCache/upload endpoint. The issue allows an attacker to execute arbitrary code by uploading a crafted SVG file. Connected sources corroborate the affected version and endpoint, and describe t...

CVE-2024-46625

An authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint of InfoDom Performa 365 v4.0.1 allows attackers to execute arbitrary code via uploading a crafted SVG file...

CVE-2024-46624

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users...

CVE-2024-46624

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users...

InfoDom Performa 安全漏洞

InfoDom Performa is a digital platform for change management from InfoDom. A security vulnerability exists in InfoDom Performa version 365 4.0.1, which stems from an authenticated arbitrary file upload vulnerability in the /documentCache/upload endpoint that allows an attacker to execute arbitrar...

PT-2024-32080 · Infodrom · Infodom Performa 365

Name of the Vulnerable Software and Affected Versions: InfoDom Performa 365 version 4.0.1 Description: The issue is related to an authenticated arbitrary file upload vulnerability in the "/documentCache/upload" endpoint. This allows attackers to execute arbitrary code by uploading a crafted SVG...