CVE-2024-4500 | SourceCodester Prison Management System 1.0 /Employee/edit-photo.php userImage unrestricted upload

Inserito da Angelo Barbosa | Mag 5, 2024 | CVE

A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Employee/edit-photo.php. The manipulation of the argument userImage leads to unrestricted upload.

This vulnerability was named CVE-2024-4500. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-4500 | SourceCodester Prison Management System 1.0 /Employee/edit-photo.php userImage unrestricted upload

Post correlati

CVE-2024-2033 | Video Conferencing with Zoom Plugin up to 4.4.5 on WordPress information disclosure

CVE-2024-1053 | Event Tickets and Registration Plugin up to 5.8.1 on WordPress authorization

CVE-2024-42677 | Huizhi Enterprise Resource Management System up to 1.0 /nssys/common/filehandle information disclosure

CVE-2024-1653 | Categorify Plugin up to 1.0.7.4 on WordPress categorifyAjaxUpdateFolderPosition authorization