CVE-2024-6110

CVSS 3.1 Score 9.8 of 10 (CRITICAL)

Attack Complexity

LOW

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Scope

UNCHANGED

Privileges Required

NONE

Summary

CVE-2024-6110 is a critical vulnerability affecting Magbanua Beach Resort Online Reservation System up to version 1.0. The issue lies within the file controller.php, where an unknown functionality can be exploited. Maliciously crafted image manipulation in arguments can result in unrestricted file uploads, enabling remote attacks. The exploit has been made public, increasing the risk for potential attacks. (VDB-268856)

Details

Published: formatDate( 2024-06-18T12:15:13.290Z )
Updated: formatDate( 2024-08-08T16:12:55.633Z )
CWE ID: CWE-434

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/whze4_
https://www.cve.org/CVERecord?id=CVE-2024-6110
https://nvd.nist.gov/vuln/detail/CVE-2024-6110