CVE-2024-12954 | 1000 Projects Portfolio Management System MCA 1.0 /update_ach.php ach_certy unrestricted upload

Posted by Angelo Barbosa | Dec 25, 2024 | CVE

A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. This affects an unknown part of the file /update_ach.php. The manipulation of the argument ach_certy leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2024-12954. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-12954 | 1000 Projects Portfolio Management System MCA 1.0 /update_ach.php ach_certy unrestricted upload

Related Posts

CVE-2024-53623 | TP-Link ARCHER-C7 l_0_0.xml access control

CVE-2024-22372 | Elecom WRC-X1800GS-B 1.09/1.12/1.17/earlier/earlier Request os command injection

CVE-2024-22146 | Schema & Structured Data for WP & AMP Plugin up to 1.25 on WordPress cross site scripting

CVE-2024-36600 | libcdio 2.1.0 ISO 9660 Image File buffer overflow