CVE-2024-4921

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-4921

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-4921.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-4921

Published

2024-05-16T01:15:07.540Z

Modified

2026-03-14T12:36:16.195305Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability classified as critical has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is an unknown function of the file /employee_gatepass/classes/Users.php?f=ssave. The manipulation of the argument img leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-264456.

References

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-4921.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.0"
            }
        ]
    }
]