CVE-2024-48594Unrestricted File Upload in Prison Management System

CWE-434Unrestricted File Upload3 documents3 sources
Severity
8.8HIGHNVD
EPSS
45.0%
top 2.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Fast5 Prison Management System
Timeline
PublishedOct 28

Description

File Upload vulnerability in Prison Management System v.1.0 allows a remote attacker to execute arbitrary code via the file upload component.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-v39q-v2cw-g4fp: File Upload vulnerability in Prison Management System v2024-10-28
CVEList
CVE-2024-48594: File Upload vulnerability in Prison Management System v2024-10-28
CVE-2024-48594 — Unrestricted File Upload | cvebase