CVE-2024-8170

26 Ago 2024

Jose Alexis Correa Valencia
0 Comentarios

Título es

CVE-2024-8170

Lun, 26/08/2024 – 16:15

Tipo

CWE-434

Gravedad v2.0

4.00

Gravedad 2.0 Txt

MEDIUM

Título en

CVE-2024-8170

Descripción en

A vulnerability classified as problematic has been found in SourceCodester Zipped Folder Manager App 1.0. This affects an unknown part of the file /endpoint/add-folder.php. The manipulation of the argument folder leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

26/08/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

Vector CVSS:2.0

AV:N/AC:L/Au:S/C:N/I:N/A:P

Gravedad 3.1 (CVSS 3.1 Base Score)

3.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

LOW

Referencias

https://github.com/jadu101/CVE/blob/main/SourceCodester_Zipped_Folder_Manager_App_File_Upload.md

https://vuldb.com/?ctiid_275769=