CVE-2024-40400

An arbitrary file upload vulnerability in the image upload function of Automad v2.0.0 allows attackers to execute arbitrary code via a crafted file.

CVSS

No CVSS.

References

Link	Resource
https://github.com/marcantondahmen/automad/issues/106	Exploit Issue Tracking Vendor Advisory
https://github.com/marcantondahmen/automad/issues/106	Exploit Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

History

04 Jun 2025, 16:46

Type	Values Removed	Values Added
First Time		Automad Automad automad
CPE		cpe:2.3:a:automad:automad:2.0.0:alpha1:::::: cpe:2.3:a:automad:automad:2.0.0:alpha3:::::: cpe:2.3:a:automad:automad:::::::: cpe:2.3:a:automad:automad:2.0.0:alpha2:::::: cpe:2.3:a:automad:automad:2.0.0:alpha4::::::
References	~~() https://github.com/marcantondahmen/automad/issues/106 -~~	() https://github.com/marcantondahmen/automad/issues/106 - Exploit, Issue Tracking, Vendor Advisory

19 Jul 2024, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-19 19:15

Updated : 2025-06-04 16:46

NVD link : CVE-2024-40400

Mitre link : CVE-2024-40400

JSON object : View

Products Affected

automad

CWE

No CWE.