- Description
- A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher disclosure contains confusing vulnerability classes.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 5.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Secondary
- Base score
- 5.8
- Impact score
- 6.4
- Exploitability score
- 6.4
- Vector string
- AV:N/AC:L/Au:M/C:P/I:P/A:P
- Hype score
- Not currently trending
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release immediately to mitigate risks. For more details, visit: https://t.co/x0P06XF4Ff #CyberSecurity #Vulnerability… https:/
@transilienceai
17 Nov 2024
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/x0P06XF4Ff #CyberSecurity… https://t.co
@transilienceai
17 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest version immediately to mitigate risks. For more details and remediation steps, visit: https://t.co/p9N9jYji9z #CyberSecurity…
@transilienceai
17 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release immediately to mitigate risks. Stay secure and check for patches here: https://t.co/p9N9jYji9z #CyberSecurity… https:/
@transilienceai
17 Nov 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/x0P06XF4Ff #CyberSecurity… https://t.co
@transilienceai
17 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For detailed remediation steps, visit: https://t.co/agBGusLrIB. Stay secure! #CyberSecurity… https:
@transilienceai
17 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11214 A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /… https://t.co/wUe1I7ks6o
@CVEnew
14 Nov 2024
319 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mayurik:best_employee_management_system:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "085DDBB3-1FD4-4947-916D-1AEF70F258C3"
}
],
"operator": "OR"
}
]
}
]