Tmall_demo v2024.07.03 was discovered to contain an arbitrary file upload via the component uploadUserHeadImage.
References
| Link | Resource |
|---|---|
| https://gitee.com/project_team/Tmall_demo/issues/IAANVC | Issue Tracking |
| https://gitee.com/project_team/Tmall_demo/issues/IAANVC | Issue Tracking |
Configurations
History
13 Jun 2025, 12:50
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://gitee.com/project_team/Tmall_demo/issues/IAANVC - Issue Tracking |
13 Jun 2025, 00:04
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Project Team
Project Team tmall Demo |
|
| CPE | cpe:2.3:a:project_team:tmall_demo:2024-07-03:*:*:*:*:*:*:* | |
| References | () https://gitee.com/project_team/Tmall_demo/issues/IAANVC - Third Party Advisory |
21 Nov 2024, 09:31
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://gitee.com/project_team/Tmall_demo/issues/IAANVC - |
01 Aug 2024, 13:57
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.9 |
| CWE | CWE-434 |
16 Jul 2024, 13:43
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
15 Jul 2024, 16:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-07-15 16:15
Updated : 2025-06-13 12:50
NVD link : CVE-2024-40553
Mitre link : CVE-2024-40553
CVE.ORG link : CVE-2024-40553
JSON object : View
Products Affected
project_team
- tmall_demo
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type