Podatność CVE-2024-34833


Publikacja: 2024-06-17

Opis:
Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
High
Payroll Management System 1.0 Remote Code Execution
ShellUnease
24.06.2024

 Referencje:
https://github.com/ShellUnease/payroll-management-system-rce
https://packetstormsecurity.com/files/179106/Payroll-Management-System-1.0-Remote-Code-Execution.html

Copyright 2024, cxsecurity.com

 

Back to Top