Unauthenticated Remote Code Execution in Sourcecodester Poultry Farm Management System
CVE-2024-40110

Currently unrated

Key Information:

Vendor: Sourcecodester
Status: Poultry Farm Management System
Vendor: CVE Published:; 12 July 2024

Summary

The Poultry Farm Management System version 1.0 by Sourcecodester is susceptible to an unauthenticated Remote Code Execution (RCE) vulnerability. This flaw can be exploited through the 'productimage' parameter in the /farm/product.php endpoint, allowing attackers to execute arbitrary code on the server without authentication. As a result, unauthorized users might gain control over sensitive functionality and data within the system, posing significant security risks.

References

https://github.com/w3bn00b3r/Unauthenticated-Remote-Code-...

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 12, 2024
Vulnerability Reserved
Jul 5, 2024