Vulnerabilities > CVE-2024-0192 - Unspecified vulnerability in NIA RRJ Nueva Ecija Engineer Online Portal 1.0

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

nia

NVD

Published: 2024-01-02

Updated: 2024-11-21

Summary

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file downloadable.php of the component Add Downloadable. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249505 was assigned to this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Nia NIA RRJ Nueva Ecija Engineer Online Portal 1.0	1

References

https://mega.nz/file/2RNnjDTR#nDT4E74juKhdO3eWTv8VjDD2dDcNUzyAk2UR3psM8rM
https://mega.nz/file/2RNnjDTR#nDT4E74juKhdO3eWTv8VjDD2dDcNUzyAk2UR3psM8rM
https://vuldb.com/?ctiid.249505
https://vuldb.com/?ctiid.249505
https://vuldb.com/?id.249505
https://vuldb.com/?id.249505