Unrestricted File Upload Vulnerability in Laravel Property Management System 1.0
CVE-2024-7944
Key Information:
- Vendor
- Itsourcecode
- Status
- Laravel Property Management System
- Vendor
- CVE Published:
- 20 August 2024
Badges
Summary
A vulnerability exists in the itsourcecode Laravel Property Management System version 1.0 that affects the UpdateDocumentsRequest function within the DocumentsController.php file. This flaw allows attackers to upload files without adequate restrictions, which could lead to potential exploitation by leveraging remote system access. The nature of this vulnerability means that it can be targeted over the internet, making it crucial for users of this system to implement immediate remediation measures to safeguard their environments. Public disclosure of this vulnerability increases the risk of exploitation, underscoring the importance of prompt action.
Affected Version(s)
Laravel Property Management System 1.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved