CVE-2024-2690

EUVD-2024-27636
A vulnerability was found in SourceCodester Online Discussion Forum Site 1.0. It has been classified as critical. Affected is an unknown function of the file /uupdate.php. The manipulation of the argument ima leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257388.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
CISA-ADPADP
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
Affected Products (NVD)
VendorProductVersion
razormistonline_discussion_forum_site
1.0
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
online_discussion_forum_site_projectonline_discussion_forum_site
1.0
ADP
Common Weakness Enumeration
References
https://github.com/wkeyi0x1/vul-report/issues/2
https://vuldb.com/?ctiid.257388
https://vuldb.com/?id.257388
https://github.com/wkeyi0x1/vul-report/issues/2
https://vuldb.com/?ctiid.257388
https://vuldb.com/?id.257388