CVE-2024-12951 | 1000 Projects Portfolio Management System MCA 1.0 add_personal_details.php profile unrestricted upload

Posted by Angelo Barbosa | Dec 25, 2024 | CVE

A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System MCA 1.0. Affected is an unknown function of the file /add_personal_details.php. The manipulation of the argument profile leads to unrestricted upload.

This vulnerability is traded as CVE-2024-12951. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-12951 | 1000 Projects Portfolio Management System MCA 1.0 add_personal_details.php profile unrestricted upload

Related Posts

CVE-2024-1086 | Linux Kernel up to 6.7 Netfilter nf_tables_api.c nft_verdict_init use after free

CVE-2024-30965 | DedeCMS 5.7 member_scores.php cross-site request forgery

CVE-2024-39418 | Adobe Commerce/Magento Open Source up to 2.4.4-p9/2.4.5-p8/2.4.6-p6/2.4.7-p1 improper authorization (apsb24-61)

CVE-2024-3059 | ENL Newsletter Plugin up to 1.0.1 on WordPress cross-site request forgery