CVE-2024-33752

Name of the Vulnerable Software and Affected Versions emlog pro versions 2.3.0 through 2.3.2

Description An arbitrary file upload issue exists at admin/views/plugin.php, allowing a remote attacker to submit a special request and upload a malicious file to execute arbitrary code.

Recommendations For emlog pro versions 2.3.0 and 2.3.2, consider restricting access to the admin/views/plugin.php file until a patch is available. As a temporary workaround, avoid using the plugin functionality in the affected versions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.