CVE-2024-51791

CRITICAL

Made I.T. Forms <2.8.0 - RCE

Title source: llm

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms forms-by-made-it allows Upload a Web Shell to a Web Server.This issue affects Forms: from n/a through <= 2.8.0.

Exploits (1)

nomisec WORKING POC 1 stars
by JoshuaProvoste · poc
https://github.com/JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-51791

References (3)

Scores

CVSS v3 10.0
EPSS 0.0102
EPSS Percentile 77.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
Made I.T./Forms < 2.8.0
Published Nov 11, 2024
Tracked Since Feb 18, 2026