CVE-2024-13133
CVSS 3.1 Score 6.3 of 10 (medium)
Details
Published Jan 5, 2025
CWE ID 434
CWE ID 284
Summary
CVE-2024-13133 is a critical vulnerability affecting ZeroWdd studentmanager 1.0. The issue lies in the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController.java. The vulnerability allows for unrestricted upload of files through manipulation of the argument, making it possible for attackers to initiate the exploit remotely. This vulnerability has been disclosed to the public, increasing the risk of potential exploitation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Zerowdd Studentmanager