Security Advisory

CVE-2024-34833

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-17 00:00:00

Last updated 2024-08-05 16:54:37

Assigner mitre

State PUBLISHED

Description

Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server.

← Browse all CVEs View on cve.org ↗