CVE-2024-13134

Medium CVSS: 5.3

A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Zerowdd

Product

Studentmanager

CWE

CWE-284

Yayın Tarihi

2025-01-05 08:15:05

Güncelleme

2025-10-10 17:41:39

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-284 Studentmanager MEDIUM Zerowdd 2025

Referanslar

https://github.com/ZeroWdd/studentmanager/issues/16 https://github.com/ZeroWdd/studentmanager/issues/16#issue-2755347097 https://vuldb.com/?ctiid.290208 https://vuldb.com/?id.290208 https://vuldb.com/?submit.467916

Benzer Kayıtlar

Medium

CVE-2026-2201

A security vulnerability has been detected in ZeroWdd studentmanager up to 2151560fc0a50ec00426785ec1e01a3763b380d9. Thi…

Medium

CVE-2025-3587

A vulnerability classified as critical was found in ZeroWdd/code-projects studentmanager 1.0. This vulnerability affects…

Medium

CVE-2024-13192

A vulnerability, which was classified as problematic, was found in ZeroWdd myblog 1.0. Affected is the function update o…

Medium

CVE-2024-13191

A vulnerability, which was classified as critical, has been found in ZeroWdd myblog 1.0. This issue affects the function…

Medium

CVE-2024-13189

A vulnerability classified as critical has been found in ZeroWdd myblog 1.0. This affects an unknown part of the file sr…

Medium

CVE-2024-13143

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the functi…