A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file downloadable.php of the component Add Downloadable. The manipulation leads to unrestricted upload.
This vulnerability is known as CVE-2024-0192. The attack can be launched remotely. Furthermore, there is an exploit available.