- Description
- A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as critical. This issue affects some unknown processing of the file /registration.php of the component Profile Picture Handler. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
- Source
- cna@vuldb.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 6.9
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
CVE-2024-12233 Critical Remote Upload Vulnerability in Online Notice Board 1.0 A critical vulnerability exists in code-projects Online Notice Board, version 1.0 and earlier. It affects the way the file /registrat... https://t.co/qQo3LWGdwa
@VulmonFeeds
5 Dec 2024
21 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2024-12233 A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as critical. This issue affects some unknown processing of the file /registrat… https://t.co/kC1AYuKnkU
@CVEnew
5 Dec 2024
331 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fabianros:online_notice_board:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3CCB274-6AA2-45A3-BA71-B63D91134DED"
}
],
"operator": "OR"
}
]
}
]