CVE-2024-1818

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Published Feb 23, 2024

Updated: May 17, 2024

CWE ID 434

Summary

CVE-2024-1818 is a critical vulnerability affecting the CodeAstro Membership Management System 1.0. This issue resides in an unspecified functionality of the Logo Handler component's /uploads/ file. Manipulation of this area allows for unrestricted file uploads, posing a significant risk. The vulnerability can be exploited remotely, and the exploit has been made public. VDB-254606 is the assigned identifier for this security flaw.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/un2zb1
https://www.cve.org/CVERecord?id=CVE-2024-1818
https://nvd.nist.gov/vuln/detail/CVE-2024-1818

Back to Vulnerability Database

CVE-2024-1818

CVSS 3.1 Score 4.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations