CVE-2024-4809 | SourceCodester Open Source Clinic Management System 1.0 setting.php logo unrestricted upload

Posted by Angelo Barbosa | May 12, 2024 | CVE

A vulnerability has been found in SourceCodester Open Source Clinic Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file setting.php. The manipulation of the argument logo leads to unrestricted upload.

This vulnerability is known as CVE-2024-4809. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-4809 | SourceCodester Open Source Clinic Management System 1.0 setting.php logo unrestricted upload

Related Posts

CVE-2024-39772 | Mattermost Desktop App up to 5.8.0 access control

CVE-2024-3905 | Tenda AC500 2.0.1.9(1307) /goform/execCommand R7WebsSecurityHandler password stack-based overflow

CVE-2023-52890 | NTFS-3G libntfs-3g/unistr.c ntfs_uppercase_mbs use after free (Issue 84 / 75dcdc2)

CVE-2023-47996 | FreeImage 3.18.0 Exif.cpp jpeg_read_exif_dir integer overflow