A vulnerability, which was classified as critical, was found in webTareas up to 2.4. Affected is some unknown processing of the file /includes/upload.php of the component Personal Profile Picture Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
webTareas up to 2.4 Personal Profile Picture /includes/upload.php unrestricted upload
- Virtual Patching
- October 9, 2021
- 4:06 pm
Contact us to get started
CVE-2024-50919 : JPRESS 5.1.1 ON WINDOWS JSP FILE UNRESTRICTED UPLOAD
Description Jpress until v5.1.1 has arbitrary file uploads on the windows platform, and the construction of non-standard file formats such
CVE-2024-47873 : PHPOFFICE PHPSPREADSHEET UP TO 1.29.3/2.1.2/2.3.1/3.3.X SCAN/FINDCHARSET XML EXTERNAL ENTITY REFERENCE
Description PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. The XmlScanner class has a scan method which
CVE-2024-43416 : GLPI UP TO 10.0.16 INFORMATION DISCLOSURE
Description GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.17,