CVE-2024-25274 Information

Description

An arbitrary file upload vulnerability in the component /sysFile/upload of Novel-Plus v4.3.0-RC1 allows attackers to execute arbitrary code via uploading a crafted file.

Reference

https://reference1.example.com/login https://gist.github.com/capable-Hub/725c294f1aeac729fa314a32fef55d5a