CVE-2024-30849 | SourceCodester Complete E-Commerce Site 1.0 admin/products_photo.php filename unrestricted upload

Posted by Angelo Barbosa | Apr 5, 2024 | CVE

A vulnerability has been found in SourceCodester Complete E-Commerce Site 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/products_photo.php. The manipulation of the argument filename leads to unrestricted upload.

This vulnerability was named CVE-2024-30849. The attack can be initiated remotely. There is no exploit available.

CVE-2024-30849 | SourceCodester Complete E-Commerce Site 1.0 admin/products_photo.php filename unrestricted upload

Related Posts

CVE-2023-48697 | azure-rtos usbx up to 6.2.1 null pointer dereference (GHSA-p2p9-wp2q-wjv4)

CVE-2024-33933 | Brainstorm Force & Nikhil Chavan Elementor Plugin up to 1.6.35 on WordPress cross site scripting

CVE-2023-49956 | Dalmann OCPP.Core up to 1.2.x StopTransaction Message random values

CVE-2024-7448 | Magnet Forensics Axiom command injection (ZDI-24-1129)