Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2024-26483

An arbitrary file upload vulnerability in the Profile Image module of Kirby CMS v4.1.0 allows attackers to execute arbitrary code via a crafted PDF file.

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
Composer icon getkirby / cms - 3.6.6.5
Composer icon getkirby / cms 3.7.0 3.7.5.4
Composer icon getkirby / cms 3.8.0 3.8.4.3
Composer icon getkirby / cms 3.9.0 3.9.8.1
Composer icon getkirby / cms 3.10.0 3.10.0.x
Composer icon getkirby / cms 3.10.0 3.10.0.1
Composer icon getkirby / cms 4.0.0 4.1.1
getkirby / kirby - 3.6.6.5
getkirby / kirby 3.7.0 3.7.5.4
getkirby / kirby 3.8.0 3.8.4.3
getkirby / kirby 3.9.0 3.9.8.1
getkirby / kirby 4.0.0 4.1.1.x
getkirby / kirby 3.10.0 3.10.0.x