CVE-2024-8463

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Sep 5, 2024
CWE ID 434

Summary

CVE-2024-8463 is a critical file upload restriction bypass vulnerability in PHPGurukul Job Portal version 1.0 that could allow an authenticated user to achieve remote code execution via a webshell. It has a CVSS base score of 9.9, reflecting a high potential impact on confidentiality, integrity, and availability, with low privileges required for exploitation and no user interaction necessary. Organizations running this software are at risk of severe consequences because of the high integrity and confidentiality impacts. To remediate the issue, users are advised to apply available patches or updates provided by the vendor. Implementing strict file upload validation can also help mitigate the risk of exploitation.
