CVE-2024-52501
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-52501 is a newly disclosed vulnerability affecting the Office Locator module for PHP. This issue is classified as a PHP Remote File Inclusion (RFI) vulnerability, where an attacker can manipulate the filename for include or require statements in a PHP program to load arbitrary files. This vulnerability exists in Office Locator versions from n/a to 1.3.0, and if exploited, it could potentially allow an attacker to gain unauthorized access to sensitive data or execute malicious code. System administrators are encouraged to update their Office Locator installations to the latest available version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.