Unrestricted File Upload Vulnerability in Picsmize by Softpulse Infotech
CVE-2024-52380

Currently unrated

Key Information:

Vendor: Softpulse Infotech
Status: Picsmize
Vendor: CVE Published:; 14 November 2024

🔔 Create Softpulse Infotech Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 25%

What is CVE-2024-52380?

The vulnerability in Picsmize from Softpulse Infotech allows attackers to upload potentially malicious files, including web shells, to the server without strict validation. This presents significant security risks as an attacker can exploit this flaw to execute unauthorized commands and potentially gain control over the affected web server. It is crucial for users to ensure that they are running the latest versions of the product and implement additional security measures to mitigate this risk.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-52380
Created by RandomRobbieBF

References

https://patchstack.com/database/vulnerability/picsmize/wo...

EPSS Score

25% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Nov 25, 2024
👾
Exploit known to exist
Nov 25, 2024
Vulnerability published
Nov 14, 2024