Unrated severityNVD Advisory· Published May 9, 2024· Updated Aug 1, 2024

Campcodes Legal Case Management System Setting general-setting unrestricted upload

CVE-2024-4681

Description

A vulnerability, which was classified as critical, was found in Campcodes Legal Case Management System 1.0. Affected is an unknown function of the file /admin/general-setting of the component Setting Handler. The manipulation of the argument favicon/logo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263622 is the identifier assigned to this vulnerability.

Affected products

Campcodes/Legal Case Management Systemllm-fuzzy
Range: =1.0
Campcodes/Legal Case Management Systemv5
Range: 1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/yylmm/CVE/blob/main/Legal%20Case%20Management%20System/file_upload.mdmitreexploit
vuldb.commitrethird-party-advisory
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000