How severe is CVE-2024-51919?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9 out of 10.

What type of vulnerability is CVE-2024-51919?

This is classified as CWE-434, which is a common weakness in software security.

CVE-2024-51919

CRITICAL Year: 2024

CVSS v3 Score

9.0

Critical

Weakness Type

CWE-434

View all →

Vulnerability Description

Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Fancy Product Designer. This issue affects Fancy Product Designer: from n/a through 6.4.3.

CVE-2019-4130

CRITICAL

CVSS:9.0(Critical)

IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. IBM X-Force ID: 158280.

CWE-4342019

CVE-2022-0945

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.

CWE-4342022

CVE-2022-0960

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.

CWE-4342022

CVE-2022-0962

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.

CWE-4342022

CVE-2022-1045

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.

CWE-4342022

CVE-2022-1345

CRITICAL

CVSS:9.0(Critical)

Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking,...

CWE-4342022

CVE-2024-51919

Vulnerability Description

Related Vulnerabilities

CVE-2019-4130

CVE-2022-0945

CVE-2022-0960

CVE-2022-0962

CVE-2022-1045

CVE-2022-1345