216.73.217.172

CVE-2024-34833

· Published 17/06/2024 21:15 · Modified 17/06/2024 21:15

Labels: CVE-2024-34833 2024-06-17CVE-2024-34833[email protected]

Essential information

Published
17/06/2024 21:15
Modified
17/06/2024 21:15
Author
Creator
CISA KEV
No
CWE

Description

Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References