CVE-2024-1264 | Juanpao JPShop up to 1.5.02 UploadsController.php actionUpdate imgage unrestricted upload

CVE-2024-1264 | Juanpao JPShop up to 1.5.02 UploadsController.php actionUpdate imgage unrestricted upload

A vulnerability has been found in Juanpao JPShop up to 1.5.02 and classified as critical. Affected by this vulnerability is the function actionUpdate of the file /api/controllers/common/UploadsController.php. The manipulation of the argument imgage leads to unrestricted upload. This vulnerability is known as CVE-2024-1264. The attack can be launched remotely. Furthermore, there is an exploit available.