2 matches found
CVE-2024-2059
A vulnerability was found in SourceCodester Petrol Pump Management Software 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/app/servicecrud.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be...
CVE-2024-2059
CVE-2024-2059 pertains to SourceCodester Petrol Pump Management Software 1.0, where an unrestricted file upload is possible via /admin/app/service_crud.php when handling the photo parameter. The root cause is manipulation of the photo argument that enables remote, unauthenticated uploads (as desc...