CVE-2024-40482
CVSS 3.1 Score 9.8 of 10 (high)
Details
Summary
CVE-2024-40482 is a newly discovered vulnerability affecting the Kashipara Live Membership System v1.0. The issue lies in the "/Membership/edit_member.php" file where an Unrestricted file upload flaw exists. This vulnerability enables attackers to upload crafted PHP files, thereby gaining the ability to execute arbitrary code on the targeted system. Successful exploitation could lead to serious security implications, including unauthorized access, data theft, or even system compromise. It is recommended that users upgrade to the latest version of the system to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.