CVE-2019-14755
HIGHLeaftecnologia Leaf Admin - Unrestricted File Upload
Title source: ruleDescription
The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows Unrestricted Upload of a File with a Dangerous Type.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
http://leaftecnologia.com.br/
Not Applicable x_refsource_misc
http://intruderlabs.com.br/
Third Party Advisory x_refsource_misc
https://gist.github.com/alacerda/8fd4557e585a8707e9d3b798968e24c1
Scores
CVSS v3
8.8
EPSS
0.0070
EPSS Percentile
72.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-434
Status
published
Products (1)
leaftecnologia/leaf_admin
61.9.0212.10_f
Published
Aug 15, 2019
Tracked Since
Feb 18, 2026