CVE-2024-10766 | Codezips Free Exam Hall Seating Management System 1.0 /pages/save_user.php image unrestricted upload

Posted by Angelo Barbosa | Nov 4, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-10766. The attack may be initiated remotely. Furthermore, there is an exploit available.

The initial researcher disclosure contains confusing vulnerability classes and file names.

CVE-2024-10766 | Codezips Free Exam Hall Seating Management System 1.0 /pages/save_user.php image unrestricted upload

Related Posts

CVE-2024-35224 | OpenProject prior 13.4.2/14.0.2/14.1.0 Add Attachment cross site scripting (GHSA-h26c-j8wg-frjc)

CVE-2024-6455 | ElementsKit Elementor Addons Plugin up to 3.2.0 on WordPress ekit_widgetarea_content information disclosure

CVE-2024-51065 | PHPGurukul Beauty Parlour Management System 1.1 admin/index.php username sql injection

CVE-2024-11355 | codelizarplugs Ultimate YouTube Video & Shorts Player With Vimeo Plugin Setting get_setting authorization