VYPR
Medium severity4.8OSV Advisory· Published Sep 20, 2024· Updated Jun 17, 2026

CVE-2024-37879

CVE-2024-37879

Description

Improper input validation in /admin/config/save in User-friendly SVN (USVN) before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo".

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Usvn/UsvnOSV2 versions
    1.0.1, 1.0.10, 1.0.11, …+ 1 more
    • (no CPE)range: 1.0.1, 1.0.10, 1.0.11, …
    • (no CPE)range: <1.0.12
  • Range: <1.0.12

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.