1 results (0.002 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-4349 – SourceCodester Pisay Online E-Learning System controller.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-4349
30 Apr 2024 — A vulnerability has been found in SourceCodester Pisay Online E-Learning System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /lesson/controller.php. The manipulation of the argument file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/CveSecLook/cve/issues/19 • CWE-434: Unrestricted Upload of File with Dangerous Type •