VYPR
Critical severity10.0NVD Advisory· Published Jan 2, 2025· Updated Apr 15, 2026

CVE-2024-56829

CVE-2024-56829

Description

Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.