Lucene search
MitreVULNRICHMENT:CVE-2024-29272HistoryMar 22, 2024 - 12:00 a.m.
CVE-2024-29272
2024-03-2200:00:00
mitre
github.com
1
arbitrary file upload
vvvebjs
remote attackers
execute arbitrary code
sensitive information
sanitizefilename parameter
AI Score
7.8
Confidence
Low
EPSS
0.001
Percentile
22.6%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:givanz:vvvebjs:*:*:*:*:*:*:*:*"
],
"vendor": "givanz",
"product": "vvvebjs",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "1.7.5",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
githubexploit
githubexploit
Exploit for CVE-2024-29272
2024-03-25 22:43:42
cve
cve
CVE-2024-29272
2024-03-22 04:15:11
osv
osv
CVE-2024-29272
2024-03-22 04:15:11
cvelist
cvelist
CVE-2024-29272
2024-03-22 00:00:00
nvd
nvd
CVE-2024-29272
2024-03-22 04:15:11
github
github
VvvebJs Arbitrary File Upload vulnerability
2024-03-22 06:30:24
AI Score
7.8
Confidence
Low
EPSS
0.001
Percentile
22.6%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-29272