Vulnerability Description
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-267414 is the identifier assigned to this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bakery Online Ordering System Project | Bakery Online Ordering System | 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/L1OudFd8cl09/CVE/blob/main/07_06_2024_a.mdExploit
- https://vuldb.com/?ctiid.267414Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.267414Third Party Advisory
- https://vuldb.com/?submit.351827Third Party Advisory
- https://github.com/L1OudFd8cl09/CVE/blob/main/07_06_2024_a.mdExploit
- https://vuldb.com/?ctiid.267414Permissions RequiredThird Party Advisory
- https://vuldb.com/?id.267414Third Party Advisory
- https://vuldb.com/?submit.351827Third Party Advisory
FAQ
What is CVE-2024-5745?
CVE-2024-5745 is a vulnerability with a CVSS score of 7.3 (HIGH). A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/modules/product/controller.php?actio...
How severe is CVE-2024-5745?
CVE-2024-5745 has been rated HIGH with a CVSS base score of 7.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-5745?
Check the references section above for vendor advisories and patch information. Affected products include: Bakery Online Ordering System Project Bakery Online Ordering System.