CVE-2024-8089 | SourceCodester E-Commerce System 1.0 controller.php photo unrestricted upload

Inserito da Angelo Barbosa | Ago 22, 2024 | CVE

A vulnerability was found in SourceCodester E-Commerce System 1.0. It has been classified as critical. Affected is an unknown function of the file /ecommerce/admin/products/controller.php. The manipulation of the argument photo leads to unrestricted upload.

This vulnerability is traded as CVE-2024-8089. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-8089 | SourceCodester E-Commerce System 1.0 controller.php photo unrestricted upload

Post correlati

CVE-2024-5987 | WP Accessibility Helper Plugin up to 0.6.2.8 on WordPress Setting authorization

CVE-2023-6649 | PHPGurukul Teacher Subject Allocation Management System 1.0 index.php searchdata cross site scripting

CVE-2024-38635 | Linux Kernel up to 6.9.3 soundwire array index

CVE-2024-7443 | Vivotek IB8367A VVTK-0100b upload_file.cgi getenv QUERY_STRING command injection