CVE-2024-13133 | ZeroWdd studentmanager 1.0 StudentController. java addStudent/editStudent file unrestricted upload

Posted by Angelo Barbosa | Jan 4, 2025 | CVE

A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted upload.

The identification of this vulnerability is CVE-2024-13133. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-13133 | ZeroWdd studentmanager 1.0 StudentController. java addStudent/editStudent file unrestricted upload

Related Posts

CVE-2024-21357 | Microsoft Windows up to Server 2022 23H2 Pragmatic General Multicast Remote Code Execution

CVE-2024-40746 | HikaShop Component up to 5.1.0 on Joomla description cross site scripting

CVE-2024-37392 | SMSEagle up to 5.x SMS Message cross site scripting

CVE-2023-52585 | Linux Kernel up to 6.7.3 amdgpu amdgpu_ras_query_error_status_helper null pointer dereference (195a6289282e/b8d55a90fd55)