Unrestricted File Upload Vulnerability in SourceCodester Petrol Pump Management Software
CVE-2024-2058

7.2HIGH

Key Information:

Vendor: Sourcecodester
Status: Petrol Pump Management Software
Vendor: CVE Published:; 1 March 2024

🔔 Create Sourcecodester Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2024-2058?

A significant vulnerability exists in the Petrol Pump Management Software, specifically related to an insecure feature within the admin panel. The flaw allows for unrestricted file uploads via the product.php file, which can be exploited by remote attackers to upload malicious files. This weakness has been publicly disclosed and may pose severe risks to system integrity and data security. It is imperative for users of the affected software to implement mitigation strategies immediately to defend against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Petrol Pump Management Software 1.0

References

https://vuldb.com/?id.255373

vdb-entrytechnical-description

https://vuldb.com/?ctiid.255373

signaturepermissions-required

https://github.com/skid-nochizplz/skid-nochizplz/blob/mai...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Mar 1, 2024
Vulnerability published
Mar 1, 2024
Vulnerability Reserved
Mar 1, 2024

Credit

Joshua Lictan

nochizplz (VulDB User)

JSON

Sourcecodester

Badges

What is CVE-2024-2058?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.