CVE-2024-13191 Information

Description

A vulnerability which was classified as critical has been found in ZeroWdd myblog 1.0. This issue affects the function upload of the file src/main/java/com/wdd/myblog/controller/admin/uploadController.java. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/ZeroWdd/myblog/issues/3 https://github.com/ZeroWdd/myblog/issues/3#issue-2759839215 https://vuldb.com/?ctiid.290783 https://vuldb.com/?id.290783 https://vuldb.com/?submit.469229