CVE-2024-4923 | Codezips E-Commerce Site 1.0 admin/addproduct.php profilepic unrestricted upload

Posted by Angelo Barbosa | May 15, 2024 | CVE

A vulnerability has been found in Codezips E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/addproduct.php. The manipulation of the argument profilepic leads to unrestricted upload.

This vulnerability was named CVE-2024-4923. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-4923 | Codezips E-Commerce Site 1.0 admin/addproduct.php profilepic unrestricted upload

Related Posts

CVE-2024-5243 | TP-Link Omada ER605 buffer overflow

CVE-2024-33654 | Siemens Simcenter Femap up to 2401.0000 BMP File out-of-bounds (ssa-064222)

CVE-2021-47131 | Linux Kernel up to 5.10.42/5.12/5.12.9 TLS tls_device_down use after free (f1d4184f128d/0f1e6fe66977/c55dcdd435aa)

CVE-2023-45609 | POWR Contact Form Plugin up to 2.1.0 on WordPress cross site scripting