CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-5049

A vulnerability, which was classified as critical, has been found in Codezips E-Commerce Site 1.0. Affected by this issue is some unknown functionality of the file admin/editproduct.php. The manipulation of the argument profilepic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-264746 is the identifier assigned to this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.4%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 6.5

References

https://github.com/polaris0x1/CVE/issues/2
https://vuldb.com/?ctiid.264746
https://vuldb.com/?id.264746
https://vuldb.com/?submit.335838
https://github.com/polaris0x1/CVE/issues/2
https://vuldb.com/?ctiid.264746
https://vuldb.com/?id.264746
https://vuldb.com/?submit.335838

Products affected by CVE-2024-5049

Codezips » E-Commerce Site » Version: 1.0

cpe:2.3:a:codezips:e-commerce_site:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5049

Products

Pricing

Contact Us