Remote Access to Sensitive Files and Directories Via /admin/uploads
CVE-2024-54938
Currently unrated
What is CVE-2024-54938?
A directory listing issue has been identified in the Kashipara E-Learning Management System version 1.0. This vulnerability permits remote attackers to gain unauthorized access to sensitive files and directories by exploiting the /admin/uploads path. The exposure of such directories can lead to a compromise of sensitive information stored within, necessitating immediate attention from system administrators to mitigate potential risks associated with unauthorized data access.
References
Timeline
Vulnerability published