CVE-2024-0192 | RRJ Nueva Ecija Engineer Online Portal 1.0 Add Downloadable downloadable.php unrestricted upload

Posted by Angelo Barbosa | Jan 2, 2024 | CVE

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file downloadable.php of the component Add Downloadable. The manipulation leads to unrestricted upload.

This vulnerability is known as CVE-2024-0192. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-0192 | RRJ Nueva Ecija Engineer Online Portal 1.0 Add Downloadable downloadable.php unrestricted upload

Related Posts

CVE-2024-7143 | Red Hat Ansible Automation Platform Role-Based Access Control add_roles_for_object_creator insecure inherited permissions

CVE-2024-6520 | FluentForm Plugin up to 5.1.19 on WordPress cross site scripting

CVE-2024-21183 | Oracle WebLogic Server 12.2.1.4.0/14.1.1.0.0 Core information disclosure

CVE-2024-28859 | FriendsOfSymfony1 symfony1 up to 1.5.17 __destruct deserialization (GHSA-wjv8-pxr6-5f4r)