VYPR
Critical severity9.8OSV Advisory· Published May 17, 2024· Updated Jun 17, 2026

CVE-2024-34982

CVE-2024-34982

Description

An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted file.

Affected products

2
  • Lylme/Lylme SpageOSV2 versions
    v0.2.0-beta, v0.2.1, v1.0, …+ 1 more
    • (no CPE)range: v0.2.0-beta, v0.2.1, v1.0, …
    • (no CPE)range: =1.9.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.