CVE-2024-6958 | itsourcecode University Management System 1.0 Avatar File /st_update.php personal_image unrestricted upload

Inserito da Angelo Barbosa | Lug 20, 2024 | CVE

A vulnerability classified as critical was found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /st_update.php of the component Avatar File Handler. The manipulation of the argument personal_image leads to unrestricted upload.

This vulnerability was named CVE-2024-6958. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-6958 | itsourcecode University Management System 1.0 Avatar File /st_update.php personal_image unrestricted upload

Post correlati

CVE-2024-26174 | Microsoft information disclosure

CVE-2023-5011 | Kashipara Group Student Information System 1.0 marks.php coursename sql injection

CVE-2024-37382 | Ab Initio Metadata Hub and Authorization Gateway up to 4.3.1.0 Server Configuration improper authorization

CVE-2024-36260 | OpenHarmony up to 4.0.1 Pre-installed Apps out-of-bounds write