CVE-2024-11484

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 20, 2024

Updated: Nov 23, 2024

CWE ID 284

CWE ID 266

Summary

CVE-2024-11484 is a critical vulnerability affecting the Code4Berry Decoration Management System 1.0. The issue lies within an unknown functionality of the file /decoration/admin/update_image.php, specifically the argument productimage1. This vulnerability results in improper access controls, enabling remote attacks. Despite early notification to the vendor, they have not responded or taken any action to address the issue, leaving it open for potential exploitation by malicious actors.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0tfDJ6
https://www.cve.org/CVERecord?id=CVE-2024-11484
https://nvd.nist.gov/vuln/detail/CVE-2024-11484

Back to Vulnerability Database

CVE-2024-11484

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations