A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been classified as critical. Affected is the function UpdateDocumentsRequest of the file DocumentsController.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/DeepMountains/zzz/blob/main/CVE2-2.md | Technical Description |
https://vuldb.com/?ctiid.275136 | Permissions Required |
https://vuldb.com/?id.275136 | Third Party Advisory |
https://vuldb.com/?submit.393372 | Issue Tracking |
Configurations
Configuration 1 (hide)
|
History
21 Aug 2024, 15:24
Type | Values Removed | Values Added |
---|---|---|
First Time |
Adonesevangelista laravel Property Management System
Adonesevangelista |
|
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 8.8 |
CPE | cpe:2.3:a:adonesevangelista:laravel_property_management_system:1.0:*:*:*:*:*:*:* | |
References | () https://github.com/DeepMountains/zzz/blob/main/CVE2-2.md - Technical Description | |
References | () https://vuldb.com/?ctiid.275136 - Permissions Required | |
References | () https://vuldb.com/?id.275136 - Third Party Advisory | |
References | () https://vuldb.com/?submit.393372 - Issue Tracking |
20 Aug 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-20 02:15
Updated : 2024-08-21 15:24
NVD link : CVE-2024-7944
Mitre link : CVE-2024-7944
CVE.ORG link : CVE-2024-7944
JSON object : View
Products Affected
adonesevangelista
- laravel_property_management_system
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type