CVE-2024-0348

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.1%

top 83.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sourcecodester Engineers Online Portal Engineers Online Portal Project Engineers Online Portal

Timeline

PublishedJan 9

Latest updateJan 10

Description

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the component File Upload Handler. The manipulation leads to resource consumption. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250116.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5sourcecodester/engineers_online_portal1.0

▶NVDengineers_online_portal_project/engineers_online_portal1.0

🔴Vulnerability Details

GHSA

GHSA-pg6f-xvpp-gggv: A vulnerability was found in SourceCodester Engineers Online Portal 1↗2024-01-10

▶

CVEList

SourceCodester Engineers Online Portal File Upload resource consumption↗2024-01-09

▶