CVE-2024-10413 | SourceCodester Online Hotel Reservation System 1.0 /guest/update.php upload image unrestricted upload

Posted by Angelo Barbosa | Oct 26, 2024 | CVE

A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload.

This vulnerability is handled as CVE-2024-10413. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-10413 | SourceCodester Online Hotel Reservation System 1.0 /guest/update.php upload image unrestricted upload

Related Posts

CVE-2024-3974 | BuddyPress Plugin up to 12.4.0 on WordPress cross site scripting

CVE-2024-4258 | YotuWP Video Gallery Plugin up to 1.3.13 on WordPress file inclusion

CVE-2024-45096 | IBM Aspera Faspex up to 5.0.9 exposure of information through directory listing

CVE-2023-52344 | Unisoc T760/T770/T820/S8000 modem-ps-nas-ngmm information disclosure