CVE-2024-7189

itsourcecode Online Food Ordering System editproduct.php unrestricted upload

Description

A vulnerability classified as critical has been found in itsourcecode Online Food Ordering System 1.0. Affected is an unknown function of the file editproduct.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-272610 is the identifier assigned to this vulnerability.

INFO

Published Date :

2024-07-29T07:31:03.846Z

Last Modified :

2024-08-01T21:52:30.933Z

Source :

VulDB

AFFECTED PRODUCTS

The following products are affected by CVE-2024-7189 vulnerability.

Vendors	Products
Kevinwong	Online Food Ordering System

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-7189.

URL	Resource
https://github.com/L1OudFd8cl09/CVE/blob/main/25_07_2024_a.md
https://vuldb.com/?ctiid.272610
https://vuldb.com/?id.272610
https://vuldb.com/?submit.380209

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Detailed values of each vector for above chart.

Access Vector

Access Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact