CVE-2024-6280
SourceCodester Simple Online Bidding System 1.0 contains a vulnerability in /admin/ajax.php?action=save_settings where manipulating the img parameter enables unrestricted file upload. The issue is exploitable remotely and has been disclosed publicly. Multiple feeds (NVD, CVE/CVELIST, Red Hat, Vul...