CVE-2024-12956 | 1000 Projects Portfolio Management System MCA 1.0 add_achievement_details.php ach_certy unrestricted upload

Posted by Angelo Barbosa | Dec 25, 2024 | CVE

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical. This issue affects some unknown processing of the file /add_achievement_details.php. The manipulation of the argument ach_certy leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-12956. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-12956 | 1000 Projects Portfolio Management System MCA 1.0 add_achievement_details.php ach_certy unrestricted upload

Related Posts

CVE-2023-48636 | Adobe Substance 3D Designer up to 13.0.0 out-of-bounds (apsb23-76)

CVE-2024-10573 | mpg123 up to 1.32.7 Frankenstein’s Monster buffer overflow

CVE-2024-0978 | My Private Site Plugin up to 3.0.14 on WordPress REST API information disclosure

CVE-2023-6552 | TasmoAdmin prior 3.3.0 Language Change current redirect