CVE-2024-2529

CVSS 3.1 Score 9.3 of 10 (high)

Details

Published Mar 16, 2024

Updated: May 17, 2024

CWE ID 94

Summary

CVE-2024-2529 is a recently disclosed critical vulnerability affecting the MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0. The issue lies within the unknown code of the /admin/rooms.php file, resulting in an unrestricted upload vulnerability. This weakness can be exploited remotely, meaning an attacker does not need to have local access to the system. The exploit for this vulnerability has been made public, increasing the risk of potential attacks. Vendor VDB-256966 identifies this issue, and unfortunately, the vendor was not responsive when contacted about the disclosure.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/ubj3Tf
https://www.cve.org/CVERecord?id=CVE-2024-2529
https://nvd.nist.gov/vuln/detail/CVE-2024-2529

Back to Vulnerability Database

CVE-2024-2529

CVSS 3.1 Score 9.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations