{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "3.5.6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.0" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.0.1" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.0.2" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.0.3" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.0.4" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.0.5" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.0.6" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.1.7" } ] }, { "events": [ { "introduced": "0" }, { "last_affected": "4.1.8" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "4.1" }, { "introduced": "0" }, { "last_affected": "4.1.1" }, { "introduced": "0" }, { "last_affected": "4.1.2" }, { "introduced": "0" }, { "last_affected": "4.1.3" }, { "introduced": "0" }, { "last_affected": "4.1.4" }, { "introduced": "0" }, { "last_affected": "4.1.5" }, { "introduced": "0" }, { "last_affected": "4.1.6" }, { "introduced": "0" }, { "last_affected": "4.1.9" }, { "introduced": "0" }, { "last_affected": "4.1.10" }, { "introduced": "0" }, { "last_affected": "4.1.11" }, { "introduced": "0" }, { "last_affected": "4.1.12" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "b73063957cddc6bcf186e3fcd5a0c6ec4cdbb2d0" }, { "introduced": "0" }, { "last_affected": "b414cb9d047a64977f3be01afba8f7d6acf0047d" }, { "introduced": "0" }, { "last_affected": "424d8c348cf67be6787643288d16eff8ed673faa" }, { "introduced": "0" }, { "last_affected": "cfe92d481e560df6cbf0beb85fdc9da4b12b0f50" }, { "introduced": "0" }, { "last_affected": "88b3a64a4a42737b4683bb4d47dfce46ad19c7a0" }, { "introduced": "0" }, { "last_affected": "7af075748aa117c0718317c5bc11a1106a5a7b9a" }, { "introduced": "0" }, { "last_affected": "d51391bf692419489cc7ef222c5e350dd1d589bf" }, { "introduced": "0" }, { "last_affected": "4d7e658be7f67dc657eb80cf91d642a7264bb1d5" }, { "introduced": "0" }, { "last_affected": "2181d5b925a4accf121929d1a7e5b26a4acf7392" }, { "introduced": "0" }, { "last_affected": "5fae5df9d0c552f218c3ab22054ac281e8bb5a87" }, { "introduced": "0" }, { "last_affected": "6e2d34e740e76c597cc56f99706d5dc706ed6e6a" } ], "repo": "https://github.com/kindsoft/kindeditor", "type": "GIT" } ] } ], "details": "Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files.", "id": "CVE-2017-1002024", "modified": "2026-03-13T21:52:40.078934429Z", "published": "2017-09-14T13:29:01.153Z", "references": [ { "type": "WEB", "url": "http://kindeditor.org" }, { "type": "FIX", "url": "https://github.com/kindsoft/kindeditor" }, { "type": "EVIDENCE", "url": "http://www.vapidlabs.com/advisory.php?v=195" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "type": "CVSS_V3" } ] }