30Mar
CVE-2024-3117 | YouDianCMS up to 9.5.12 ChannelAction.class.php file unrestricted upload
A vulnerability classified as critical was found in YouDianCMS up to 9.5.12. This vulnerability affects unknown code of the file App\Lib\Action\Admin\ChannelAction.class.php. The manipulation of the argument file leads to unrestricted upload. This vulnerability was named CVE-2024-3117. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.