TVN ID | TVN-202410003 |
---|---|
CVE ID | CVE-2024-9923 |
CVSS | 4.9 (Medium) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Affected Products | Team+ v13.5.x |
Description | The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with administrator privileges to move arbitrary system files to the website root directory and access them. |
Solution | Update to version v14.0.0 or later. |
Credit | Huding, Ginoah (DEVCORE) |
Public Date | 2024-10-14 |