Skip to content

Instantly share code, notes, and snippets.

[CVE ID]
CVE-2024-46468
[Product]
Jpress
[Version]
Jpress <= v5.1.1
[Problem Type]
Server-Side Request Forgery
[Description]
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be exploited by an attacker to obtain sensitive information, resulting in an information disclosure.
[CVE ID]
CVE-2024-42523
[Product]
Publiccms
[Version]
publiccms <= V4.0.202302.e
[Problem Type]
Any File Upload
[Description]
publiccms <=V4.0.202302.e is vulnerable to Any File Upload via publiccms/admin/cmsTemplate/saveMetaData.