CVE Catalog
CVE-2024-50660
CriticalCVSS 9.8Exploitation Probability (EPSS)
Elevated risk0.87%
54th percentile - higher than 54% of all known CVEs
Summary
A file upload bypass vulnerability in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the file upload functionality.
Risk Assessment
An attacker can upload a malicious file and gain full control over the server, leading to compromise of data confidentiality, integrity, and availability.
Recommendation
Immediately update AdPortal to the latest version and implement file type validation and permission restrictions on the upload directory.
Original NVD description (English source)
File Upload Bypass was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the file upload functionality

