Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:39 a.m.10 views

CVE-2024-27747

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component...

9.8CVSS7.6AI score0.23581EPSS
Exploits4References1
0day.today
0day.today
added 2024/03/04 12:0 a.m.357 views

Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Vulnerability

Exploit Title: Petrol Pump Management Software v1.0 - Remote Code Execution via File Upload Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version: 1.0 Tested...

9.8CVSS7.4AI score0.23581EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.286 views

Petrol Pump Management System 1.0 Shell Upload

Exploit Title: File Upload Remote Code Execution RCE in Petrol Pump Management Software v.1.0 Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html...

7.4AI score0.23581EPSS
Exploits4
NVD
NVD
added 2024/03/01 10:15 p.m.28 views

CVE-2024-27747

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component...

9.8CVSS7.3AI score0.23581EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2024/03/01 12:0 a.m.12 views

CVE-2024-27747

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component...

7.6AI score0.23581EPSS
Exploits4References1
Cvelist
Cvelist
added 2024/03/01 12:0 a.m.37 views

CVE-2024-27747

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component...

7.6AI score0.23581EPSS
Exploits4References1
CVE
CVE
added 2024/03/01 12:0 a.m.76 views

CVE-2024-27747

Petrol Pump Management Software v1.0 (vendor mayuri_k) contains a file-upload vulnerability in profile.php via the Image parameter in the email field, enabling remote code execution. Root cause: insufficient validation of uploaded content allows uploading a PHP shell (as shown by PoCs) which can ...

9.8CVSS7.5AI score0.23581EPSS
Exploits4References1Affected Software1
Rows per page
Query Builder