CVE-2024-8463Unrestricted File Upload in JOB Portal

CWE-434Unrestricted File Upload3 documents3 sources
Severity
8.8HIGHNVD
CNA9.9
EPSS
0.1%
top 71.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpgurukul JOB Portal
Timeline
PublishedSep 5

Description

File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5phpgurukul/job_portal1.0

🔴Vulnerability Details

2
CVEList
File upload restriction bypass vulnerability in Job Portal2024-09-05
GHSA
GHSA-phhw-57mq-75j6: File upload restriction bypass vulnerability in PHPGurukul Job Portal 12024-09-05
CVE-2024-8463 — Unrestricted File Upload in JOB Portal | cvebase