5 matches found
CVE-2024-52302
common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper...
Spring Boot common-user-management 0.1 - Remote Code Execution (RCE)
Exploit Title: Unrestricted File Upload Google Dork: Date: 14/Nov/2024 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link: https://github.com/OsamaTaher/Java-springboot-codebase Version: app version 0.1 Tested on: Debian Linux CVE :...
Exploit for CVE-2024-52302
CVE-2024-52302: Unrestricted File Upload Vulnerability in Comm...
CVE-2024-52302 common-user-management Unrestricted File Upload Leading to Remote Code Execution (RCE)
common-user-management is a robust Spring Boot application featuring user management services designed to control user access dynamically. There is a critical security vulnerability in the application endpoint /api/v1/customer/profile-picture. This endpoint allows file uploads without proper...
CVE-2024-52302
CVE-2024-52302 affects the Spring Boot app common-user-management, specifically the /api/v1/customer/profile-picture endpoint. The vulnerability arises from unrestricted file uploads without proper validation or restrictions, allowing attackers to upload arbitrary files that can lead to Remote Co...