CVE-2024-7813

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
6.9MEDIUM
EPSS
0.3%
top 46.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Prison Management SystemPrison Management System Project Prison Management System
Timeline
PublishedAug 15

Description

A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 1.0. This issue affects some unknown processing of the file /uploadImage/Profile/ of the component Profile Image Handler. The manipulation leads to insufficiently protected credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-p522-8xvv-fcr2: A vulnerability, which was classified as problematic, has been found in SourceCodester Prison Management System 12024-08-15
CVEList
SourceCodester Prison Management System Profile Image insufficiently protected credentials2024-08-15
CVE-2024-7813 (MEDIUM CVSS 6.9) | A vulnerability | cvebase.io