CVE-2024-4921 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Users.php img unrestricted upload

Inserito da Angelo Barbosa | Mag 15, 2024 | CVE

A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /employee_gatepass/classes/Users.php?f=ssave. The manipulation of the argument img leads to unrestricted upload.

This vulnerability is traded as CVE-2024-4921. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-4921 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Users.php img unrestricted upload

Post correlati

CVE-2023-38317 | OpenNDS up to 10.1.2 Configuration File os command injection

CVE-2023-49277 | DarrenOfficial dpaste up to 3.7 API cross site scripting (GHSA-r8j9-5cj7-cv39)

CVE-2024-43112 | Mozilla Firefox up to 128 on iOS Download Link cross site scripting

CVE-2024-41658 | Casdoor up to 1.577.0 cross site scripting (GHSL-2024-035)