CVE-2024-31820

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-31820

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-31820.json

Published

2024-04-29T18:15:07Z

Modified

2024-05-14T20:12:09Z

Summary

[none]

Details

An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the getLangFolderForEdit method of the Languages.php component.

References

https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d22b54e8915f167a135046ceb857caaf8479c4da
https://gist.github.com/LioTree/890b0eea95fce6225d820afe4e3510e9
https://liotree.github.io/2023/Ecommerce-CodeIgniter-Bootstrap.html

Affected packages

Git / github.com/kirilkirkov/ecommerce-codeigniter-bootstrap

Affected ranges

Type: GIT
Repo: https://github.com/kirilkirkov/ecommerce-codeigniter-bootstrap
Events: Introduced

0The exact introduced commit is unknown

Fixed

d22b54e8915f167a135046ceb857caaf8479c4da