How severe is CVE-2024-6647?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2024-6647?

This is classified as CWE-434, which is a common weakness in software security.

CVE-2024-6647 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Croogo up to 4.0.7. This affects an unknown part of the file admin/settings/settings/prefix/Theme of the component Setting Handler. The manipulation of the argument Content-Type leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271053 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Related Vulnerabilities

CVE-2022-4732

MEDIUM

CVSS:4.7(Medium)

Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.3.2.

CWE-4342022

CVE-2023-6794

MEDIUM

CVSS:4.7(Medium)

An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentia...

CWE-4342023

CVE-2024-3117

MEDIUM

CVSS:4.7(Medium)

A vulnerability classified as critical was found in YouDianCMS up to 9.5.12. This vulnerability affects unknown code of the file App\Lib\Action\Admin\ChannelAction.class.php. The manipulation of the a...

CWE-4342024

CVE-2024-3444

MEDIUM

CVSS:4.7(Medium)

A vulnerability was found in Wangshen SecGate 3600 up to 20240408. It has been classified as critical. This affects an unknown part of the file /?g=net_pro_keyword_import_save. The manipulation of the...

CWE-4342024

CVE-2024-3521

MEDIUM

CVSS:4.7(Medium)

A vulnerability was found in Byzoro Smart S80 Management Platform up to 20240317. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestat...

CWE-4342024

CVE-2024-45644

MEDIUM

CVSS:4.7(Medium)

IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment.

CWE-4342024