CVE-2024-50658 Information

Description

Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the shippingAsBilling and firstname parameters in updateuserinfo.html file

Reference

http://adportal.com http://ipublish.com https://petercipolone.info/wp-content/uploads/2025/01/iPublishMedia_AdPortal3.0.39_CVEs.pdf