NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-37879

Summary	Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo".
Publication Date	Sept. 21, 2024, 2:15 a.m.
Registration Date	Sept. 21, 2024, 5 a.m.
Last Update	Nov. 2, 2024, 6:35 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.usvn.info/news.html
2	https://github.com/usvn/usvn/commit/6b4678954fca9635154743b95ff9c8947cf5f46f
3	https://github.com/usvn/usvn/releases/tag/1.0.12
4	https://www.usvn.info/2024/06/09/usvn-1.0.12

Common Vulnerabilities List