Remote File Inclusion Vulnerability in jeanmarc77 123solar
CVE-2024-9275

Currently unrated

Key Information:

Vendor: Jeanmarc77
Vendor: CVE Published:; 27 September 2024

What is CVE-2024-9275?

A significant security flaw has been identified in the jeanmarc77 123solar application, specifically in versions up to 1.8.4.5. The vulnerability resides in the '/admin/admin_invt2.php' file and allows for remote file inclusion through improper handling of the 'PROTOCOLx' parameter. This type of vulnerability can lead to unauthorized access to sensitive files and potential full system compromise if exploited. The issue is publicly known, making it critical for users to apply suitable patches or mitigations as soon as possible to safeguard their systems against potential attacks.

References

https://vuldb.com/?id.278657

https://vuldb.com/?ctiid.278657

https://vuldb.com/?submit.408326

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 27, 2024

Jeanmarc77

What is CVE-2024-9275?

References

Timeline