Overview
- Description
- A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument website_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher disclosure contains confusing vulnerability classes.
- Source
- cna@vuldb.com
- NVD status
- Undergoing Analysis
Risk scores
CVSS 4.0
- Type
- Secondary
- Base score
- 5.1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Secondary
- Base score
- 4.7
- Impact score
- 3.4
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 5.8
- Impact score
- 6.4
- Exploitability score
- 6.4
- Vector string
- AV:N/AC:L/Au:M/C:P/I:P/A:P
Weaknesses
- cna@vuldb.com
- CWE-284
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release immediately to mitigate risks. For more details, visit: https://t.co/x0P06XF4Ff #CyberSecurity #Vulnerability… https:/
@transilienceai
17 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/x0P06XF4Ff #CyberSecurity… https://t.co
@transilienceai
17 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest version immediately to mitigate risks. For more details and remediation steps, visit: https://t.co/p9N9jYji9z #CyberSecurity…
@transilienceai
17 Nov 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release immediately to mitigate risks. Stay secure and check for patches here: https://t.co/p9N9jYji9z #CyberSecurity… https:/
@transilienceai
17 Nov 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/x0P06XF4Ff #CyberSecurity… https://t.co
@transilienceai
17 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-11214 (Published: 2024-11-14) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For detailed remediation steps, visit: https://t.co/agBGusLrIB. Stay secure! #CyberSecurity… https:
@transilienceai
17 Nov 2024
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11214 A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /… https://t.co/wUe1I7ks6o
@CVEnew
14 Nov 2024
319 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes