Lucene search
HistoryMar 01, 2024 - 10:15 p.m.
CVE-2024-27747
cve-2024-27747
file upload
petrol pump mangement software
arbitrary code execution
crafted payload
email image parameter
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
High
EPSS
0.006
Percentile
79.0%
File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component.
Related
packetstorm
packetstorm
Petrol Pump Management System 1.0 Shell Upload
2024-03-04 00:00:00
cvelist
cvelist
CVE-2024-27747
2024-03-01 00:00:00
cve
cve
CVE-2024-27747
2024-03-01 22:15:47
prion
prion
Unrestricted file upload
2024-03-01 22:15:00
vulnrichment
vulnrichment
CVE-2024-27747
2024-03-01 00:00:00
zdt
zdt
exploitdb
exploitdb
Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload
2024-03-03 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
High
EPSS
0.006
Percentile
79.0%
Related for NVD:CVE-2024-27747