Unauthenticated Remote Code Execution in Sourcecodester Poultry Farm Management System
CVE-2024-40110

Currently unrated

Key Information:

Vendor: Sourcecodester
Status: Poultry Farm Management System
Vendor: CVE Published:; 12 July 2024

🔔 Create Sourcecodester Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 19%

What is CVE-2024-40110?

The Poultry Farm Management System version 1.0 by Sourcecodester is susceptible to an unauthenticated Remote Code Execution (RCE) vulnerability. This flaw can be exploited through the 'productimage' parameter in the /farm/product.php endpoint, allowing attackers to execute arbitrary code on the server without authentication. As a result, unauthorized users might gain control over sensitive functionality and data within the system, posing significant security risks.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-40110
Created by thiagosmith

References

https://github.com/w3bn00b3r/Unauthenticated-Remote-Code-...

EPSS Score

19% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Apr 29, 2025
👾
Exploit known to exist
Apr 29, 2025
Vulnerability published
Jul 12, 2024
Vulnerability Reserved
Jul 5, 2024