CVE-2024-7189

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 29, 2024

CWE ID 434

Summary

CVE-2024-7189 is a newly disclosed critical vulnerability affecting the Online Food Ordering System 1.0. The issue lies in an unknown function of the editproduct.php file, which can be exploited through manipulation of the photo argument. This vulnerability allows for unrestricted uploads, making it possible for remote attacks. The exploit has been made public, increasing the risk of potential exploitation. VDB-272610 is the identifier assigned to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Online Food Ordering System

Affected Vendors

Itsourcecode

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xSlhE2
https://www.cve.org/CVERecord?id=CVE-2024-7189
https://nvd.nist.gov/vuln/detail/CVE-2024-7189

Back to Vulnerability Database