CVE-2024-52450

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Nov 20, 2024

Updated: Nov 21, 2024

CWE ID 98

Summary

CVE-2024-52450 is a newly disclosed vulnerability affecting the nBlocks PHP application. This issue arises from the improper handling of filename inclusion statements within the application, which enables an attacker to include local files on a targeted system. Consequently, this vulnerability, classified as PHP Local File Inclusion, can pose a significant risk to systems running nBlocks versions from n/a through 1.0.2. Rapid mitigation measures are recommended to prevent unauthorized access and potential data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0a4nXV
https://www.cve.org/CVERecord?id=CVE-2024-52450
https://nvd.nist.gov/vuln/detail/CVE-2024-52450

Back to Vulnerability Database

CVE-2024-52450

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations