Vulnerability Details CVE-2024-3129
A vulnerability was found in SourceCodester Image Accordion Gallery App 1.0. It has been classified as critical. This affects an unknown part of the file /endpoint/add-image.php. The manipulation of the argument image_name leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258873 was assigned to this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.3%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 6.5
References
- https://github.com/Sospiro014/zday1/blob/main/Image_Accordion_Gallery.md
- https://vuldb.com/?ctiid.258873
- https://vuldb.com/?id.258873
- https://vuldb.com/?submit.308188
- https://github.com/Sospiro014/zday1/blob/main/Image_Accordion_Gallery.md
- https://vuldb.com/?ctiid.258873
- https://vuldb.com/?id.258873
- https://vuldb.com/?submit.308188
Products affected by CVE-2024-3129
-
cpe:2.3:a:rems:image_accordion_gallery_app:1.0