julio-cfa/CVE-2024-33438

Unavailable

This project is no longer available (or publicly accessible) from GitHub

Releases0

Stars3

CubeCart <= 6.5.4 is vulnerable to an arbitrary file upload that leads to remote code execution (RCE).

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-33438 ↗	Apr 29, 2024Monday, 29 April 2024, 18:15	8 HIGH	—
File Upload vulnerability in CubeCart before 6.5.5 allows an authenticated user to execute arbitrary code via a crafted .phar file.