CVE-2024-2754 | SourceCodester Complete E-Commerce Site 1.0 /admin/users_photo.php photo unrestricted upload

Posted by Angelo Barbosa | Mar 21, 2024 | CVE

A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload.

This vulnerability is traded as CVE-2024-2754. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-2754 | SourceCodester Complete E-Commerce Site 1.0 /admin/users_photo.php photo unrestricted upload

Related Posts

CVE-2024-25808 | Lychee 3.1.6 Create New Album cross-site request forgery (Issue 17)

CVE-2024-23647 | authentik PKCE downgrade

CVE-2024-2189 | WPZOOM Social Icons Widget & Block Plugin up to 4.2.17 on WordPress Setting cross site scripting

CVE-2024-34742 | Google Android 14 OwnersData.java shouldWrite denial of service