SourceCodester Facebook News Feed Like Post unrestricted upload
CVE-2024-1027

6.3MEDIUM

Key Information:

Vendor

Sourcecodester
Status
Facebook News Feed Like
Vendor
CVE Published:
30 January 2024

What is CVE-2024-1027?

A vulnerability in the Post Handler component of SourceCodester's Facebook News Feed Like version 1.0 allows for unrestricted file uploads, posing significant security risks. Attackers can exploit this flaw remotely, potentially leading to unauthorized file execution and server compromise. This vulnerability highlights the critical need for robust input validation and secure file handling practices to mitigate potential threats.

Affected Version(s)

Facebook News Feed Like 1.0

References

https://vuldb.com/?id.252300
vdb-entry
https://vuldb.com/?ctiid.252300
signaturepermissions-required

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

thesorcererkingainz (VulDB User)
.
CVE-2024-1027 : SourceCodester Facebook News Feed Like Post unrestricted upload