CVE-2024-34833
June 17, 2024, 9:15 p.m.
Tags
Product(s) Impacted
Sourcecodester Payroll Management System
- 1.0
Description
Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server.
Weaknesses
Date
Published: June 17, 2024, 9:15 p.m.
Last Modified: June 17, 2024, 9:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org