CVE-2024-0468

A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/action/new-father.php. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250573 was assigned to this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:code-projects:fighting_cock_information_system:1.0:*:*:*:*:*:*:*

History

17 Jan 2024, 18:30

Type Values Removed Values Added
CPE cpe:2.3:a:code-projects:fighting_cock_information_system:1.0:*:*:*:*:*:*:*
CWE CWE-434
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
First Time Code-projects fighting Cock Information System
Code-projects
References () https://github.com/BxYQ/vul/blob/main/FIGHTING_COCK_INFORMATION_SYSTEM_File9docx.pdf - () https://github.com/BxYQ/vul/blob/main/FIGHTING_COCK_INFORMATION_SYSTEM_File9docx.pdf - Broken Link
References () https://vuldb.com/?ctiid.250573 - () https://vuldb.com/?ctiid.250573 - Third Party Advisory
References () https://vuldb.com/?id.250573 - () https://vuldb.com/?id.250573 - Third Party Advisory

12 Jan 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-12 21:15

Updated : 2024-05-17 02:34


NVD link : CVE-2024-0468

Mitre link : CVE-2024-0468

CVE.ORG link : CVE-2024-0468


JSON object : View

Products Affected

code-projects

  • fighting_cock_information_system
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type