CVE-2019-14755
HIGHLeaf Admin 61.9.0212.10 - Unrestricted Upload of File with Dangerous Type via Profile Photo Feature
Title source: llmDescription
The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
http://leaftecnologia.com.br/
Not Applicable x_refsource_misc
http://intruderlabs.com.br/
Third Party Advisory x_refsource_misc
https://gist.github.com/alacerda/8fd4557e585a8707e9d3b798968e24c1
Scores
CVSS v3
8.8
EPSS
0.0172
EPSS Percentile
74.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-434
Status
published
Products (1)
leaftecnologia/leaf_admin
61.9.0212.10_f
Published
Aug 15, 2019
Tracked Since
Feb 18, 2026