CVE-2024-29368

An arbitrary file upload vulnerability in the file handling module of moziloCMS v2.0 allows attackers to bypass extension restrictions via file renaming, potentially leading to unauthorized file execution or storage of malicious content.
References
Link Resource
https://github.com/becpn/mozilocms Exploit Third Party Advisory
https://github.com/becpn/mozilocms Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilo:mozilocms:2.0:*:*:*:*:*:*:*

History

30 Apr 2025, 16:45

Type Values Removed Values Added
First Time Mozilo mozilocms
Mozilo
References () https://github.com/becpn/mozilocms - () https://github.com/becpn/mozilocms - Exploit, Third Party Advisory
CPE cpe:2.3:a:mozilo:mozilocms:2.0:*:*:*:*:*:*:*

21 Nov 2024, 09:07

Type Values Removed Values Added
References () https://github.com/becpn/mozilocms - () https://github.com/becpn/mozilocms -

05 Nov 2024, 17:35

Type Values Removed Values Added
CWE CWE-434
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

23 Apr 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-04-22 21:15

Updated : 2025-04-30 16:45


NVD link : CVE-2024-29368

Mitre link : CVE-2024-29368

CVE.ORG link : CVE-2024-29368


JSON object : View

Products Affected

mozilo

  • mozilocms
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type