An issue in Wanxing Technology's Yitu project Management...
Critical severity
Unreviewed
Published
Oct 15, 2024
to the GitHub Advisory Database
•
Updated Oct 17, 2024
Description
Published by the National Vulnerability Database
Oct 15, 2024
Published to the GitHub Advisory Database
Oct 15, 2024
Last updated
Oct 17, 2024
An issue in Wanxing Technology's Yitu project Management Software 3.2.2 allows a remote attacker to execute arbitrary code via the platformpluginpath parameter to specify that the qt plugin loads the directory.
References