VYPR
Unrated severityNVD Advisory· Published Jul 16, 2024· Updated Aug 2, 2024

CVE-2024-40425

CVE-2024-40425

Description

File Upload vulnerability in Nanjin Xingyuantu Technology Co Sparkshop (Spark Mall B2C Mall v.1.1.6 and before allows a remote attacker to execute arbitrary code via the contorller/common.php component.

Affected products

2
  • Nanjin Xingyuantu Technology Co/Sparkshop (Spark Mall B2C Malldescription
  • Range: <=1.1.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.