CVE-2024-5145 | SourceCodester Vehicle Management System up to 1.0 HTTP POST Request /newdriver.php file unrestricted upload

Posted by Angelo Barbosa | May 20, 2024 | CVE

A vulnerability was found in SourceCodester Vehicle Management System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /newdriver.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-5145. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-5145 | SourceCodester Vehicle Management System up to 1.0 HTTP POST Request /newdriver.php file unrestricted upload

Related Posts

CVE-2024-43438 | Moodle Feedback Non-Respondents Report resource injection

CVE-2024-5094 | SourceCodester Best House Rental Management System 1.0 view_payment.php id sql injection

CVE-2023-42962 | Apple iOS/iPadOS up to 16.7.2/17.1 denial of service

CVE-2024-27897 | Huawei HarmonyOS/EMUI Call Module information disclosure