Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-06-17T00:00:00
Updated: 2024-08-05T16:54:37.899Z
Reserved: 2024-05-09T00:00:00
Link: CVE-2024-34833
Vulnrichment
Updated: 2024-08-02T02:59:22.671Z
NVD
Status : Awaiting Analysis
Published: 2024-06-17T21:15:50.783
Modified: 2024-08-05T17:35:13.953
Link: CVE-2024-34833
Redhat
No data.