CVE-2024-10410 | SourceCodester Online Hotel Reservation System 1.0 controller.php?action=add upload image unrestricted upload

Inserito da Angelo Barbosa | Ott 26, 2024 | CVE

A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/mod_room/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload.

This vulnerability is known as CVE-2024-10410. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-10410 | SourceCodester Online Hotel Reservation System 1.0 controller.php?action=add upload image unrestricted upload

Post correlati

CVE-2024-25092 | NextMove Lite Plugin up to 2.17.0 on WordPress Activation authorization

CVE-2024-32502 | Samsung Exynos W930 reference count

CVE-2024-8362 | Google Chrome up to 128.0.6613.113 WebAudio use after free

CVE-2024-3013 | FLIR AX8 up to 1.46.16 User Registration test_login.php improper authorization