Unrated severityNVD Advisory· Published Jan 5, 2025· Updated Jan 6, 2025
ZeroWdd studentmanager TeacherController. java editTeacher unrestricted upload
CVE-2024-13134
Description
A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 1.0+ 1 more
- (no CPE)range: = 1.0
- (no CPE)range: 1.0
Patches
Vulnerability mechanics
References
5- github.com/ZeroWdd/studentmanager/issues/16mitreexploitissue-tracking
- vuldb.commitrethird-party-advisory
- github.com/ZeroWdd/studentmanager/issues/16mitreissue-tracking
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
News mentions
0No linked articles in our index yet.