CVE-2024-50919 : JPRESS 5.1.1 ON WINDOWS JSP FILE UNRESTRICTED UPLOAD

Description

Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of non-standard file formats such as .jsp. can lead to arbitrary command execution.

References

https://github.com/JPressProjects/jpress

https://github.com/microvorld/CVE-2024/blob/main/jpress.md

https://gist.github.com/microvorld/516552dcef65acc2d1ab0fb969cd34a3

For More Information

CVERecord

Contact us to get started

CVE-2024-50282 : LINUX KERNEL UP TO 6.11.7 AMD GPU AMDGPU_DEBUGFS_GPRWAVE_READ BUFFER OVERFLOW

Description In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Avoid a

Learn more

CVE-2024-50919 : JPRESS 5.1.1 ON WINDOWS JSP FILE UNRESTRICTED UPLOAD

Description Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of non-standard file formats such

Learn more

CVE-2024-47873 : PHPOFFICE PHPSPREADSHEET UP TO 1.29.3/2.1.2/2.3.1/3.3.X SCAN/FINDCHARSET XML EXTERNAL ENTITY REFERENCE

Description PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which

Learn more

CVE-2024-50919 : JPRESS 5.1.1 ON WINDOWS JSP FILE UNRESTRICTED UPLOAD

Description

References

For More Information

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-50282 : LINUX KERNEL UP TO 6.11.7 AMD GPU AMDGPU_DEBUGFS_GPRWAVE_READ BUFFER OVERFLOW

CVE-2024-50919 : JPRESS 5.1.1 ON WINDOWS JSP FILE UNRESTRICTED UPLOAD

CVE-2024-47873 : PHPOFFICE PHPSPREADSHEET UP TO 1.29.3/2.1.2/2.3.1/3.3.X SCAN/FINDCHARSET XML EXTERNAL ENTITY REFERENCE