Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-30849

Arbitrary file upload vulnerability in Sourcecodester Complete E-Commerce Site v1.0, allows remote attackers to execute arbitrary code via filename parameter in admin/products_photo.php.

Published

2024-04-05T08:15:07.733

Last Modified

2025-05-05T17:47:47.150

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Secondary
    CWE-98
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application donbermoy complete_e-commerce_site 1.0 Yes
References