Unrated severityNVD Advisory· Published Oct 27, 2024· Updated Oct 28, 2024
SourceCodester Attendance and Payroll System update.php upload unrestricted upload
CVE-2024-10420
Description
A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2=1.0+ 1 more
- (no CPE)range: =1.0
- (no CPE)range: 1.0
Patches
Vulnerability mechanics
References
5- github.com/K1nako0/tmp_vuln12/blob/main/README.mdmitrebroken-linkexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
- www.sourcecodester.commitreproduct
News mentions
0No linked articles in our index yet.