CVE-2024-4818

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-73
View all →

Vulnerability Description

A vulnerability was found in Campcodes Online Laundry Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /index.php. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263939.

Related Vulnerabilities

CVE-2022-2400

MEDIUM
CVSS:5.3(Medium)

External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.

CWE-732022

CVE-2022-34765

MEDIUM
CVSS:5.3(Medium)

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: ...

CWE-732022

CVE-2022-45213

MEDIUM
CVSS:5.3(Medium)

perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL.

CWE-732022

CVE-2023-30943

MEDIUM
CVSS:5.3(Medium)

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request...

CWE-732023

CVE-2023-47147

MEDIUM
CVSS:5.3(Medium)

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598.

CWE-732023

CVE-2024-12267

MEDIUM
CVSS:5.3(Medium)

The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited arbitrary file deletion due to insufficient file path validation in the dnd_codedropz_upload_delet...

CWE-732024