CVE-2024-13144 – Zhenfeng13 My-Blog File Upload Vulnerability (Unrestricted File Upload)

1月 6, 2025
1:18 am

CVE ID : CVE-2024-13144

Published : Jan. 6, 2025, 12:15 a.m. | 1 hour, 3 minutes ago

Description : A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-13144 – Zhenfeng13 My-Blog File Upload Vulnerability (Unrestricted File Upload)

Elvescore.io

Recent Posts

CVE-2024-11681 – MacPorts Command Injection Vulnerability

CVE-2025-0295 – Code-Projects Online Book Shop Cross-Site Scripting Vulnerability

CVE-2025-0296 – Code-projects Online Book Shop SQL Injection Vulnerability

CVE-2025-0294 – SourceCodester Home Clean Services Management System SQL Injection Vulnerability

CVE-2024-12131 – WordPress WP Job Portal Insecure Direct Object Reference

CVE-2024-12426 – LibreOffice Environmental Variable Exfiltration

CVE-2024-13144 – Zhenfeng13 My-Blog File Upload Vulnerability (Unrestricted File Upload)

CVE-2024-13144 – Zhenfeng13 My-Blog File Upload Vulnerability (Unrestricted File Upload)