PT-2024-30352 · Berqwp · Berqwp
Dave Jong
·
Published
2024-08-13
·
Updated
2024-08-17
·
CVE-2024-43160
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
BerqWP versions 1.7.6 and earlier
Description
The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability, which allows Code Injection. This vulnerability affects BerqWP and can be exploited to inject code.
Recommendations
For BerqWP versions 1.7.6 and earlier, update to a version that fixes this issue. As a temporary workaround, consider restricting file uploads to prevent the exploitation of this vulnerability. Restrict access to sensitive areas of the application to minimize the risk of code injection.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Berqwp