PT-2024-17171 · Unknown · Codezips Free Exam Hall Seating Management System

0E1G7 · Published 2024-11-25 · Updated 2024-12-04 · CVE-2024-11661

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Codezips Free Exam Hall Seating Management System version 1.0

Description: A vulnerability was found in the Profile Image Handler component of Codezips Free Exam Hall Seating Management System 1.0, in the file profile.php. Manipulation of the image argument leads to an unrestricted file upload: the handler does not adequately restrict the type or name of the file accepted through that parameter, which is the condition that lets an attacker place content of their choosing on the server. The attack can be initiated remotely and, per the CVSS vector, requires neither privileges nor user interaction. The researcher's report does not clearly establish the vulnerability class; the issue is tracked under both Improper Access Control and Unrestricted File Upload.

Recommendations: For Codezips Free Exam Hall Seating Management System version 1.0, as a temporary workaround, disable the image upload functionality of the Profile Image Handler component until a patch is available. Restrict access to profile.php (for example, to authenticated users from trusted networks) to reduce exposure, and do not rely on the image argument of the affected component until the issue is resolved. If the upload must remain enabled, apply the usual controls for an upload handler: accept only an allowlist of image types determined from the file content rather than from the client-supplied name or Content-Type header, assign a server-generated filename and extension, store uploads outside the web root or in a directory where script execution is disabled, and enforce a size limit. At the time of writing, no newer version containing a fix for this vulnerability is known.
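The following is an added example, not code from the Codezips project and not a reconstruction of its profile.php. It shows the checks a profile-image upload handler needs before accepting a file from a parameter such as image, next to a hypothetical unsafe pattern of the kind that produces an unrestricted upload. The function names, the 2 MiB and 4096-pixel limits, and the storage directory are assumptions made for the demo; the sample GIF and the sample PHP payload are constructed inline so the script runs from the command line without a real upload.

```php
<?php
declare(strict_types=1);

// Added example (not the project's code). Demonstrates content-based
// validation and server-chosen naming for an image upload handler.

const MAX_IMAGE_BYTES = 2 * 1024 * 1024;   // assumed limit for the demo

// Detected MIME type -> extension we assign. The client-supplied filename
// and Content-Type header are never consulted for this decision.
const ALLOWED_TYPES = [
    'image/jpeg' => ['ext' => 'jpg', 'imagetype' => IMAGETYPE_JPEG],
    'image/png'  => ['ext' => 'png', 'imagetype' => IMAGETYPE_PNG],
    'image/gif'  => ['ext' => 'gif', 'imagetype' => IMAGETYPE_GIF],
];

/**
 * Hypothetical unsafe pattern (not taken from the project): the upload is
 * written under the web root with the name and extension the client chose,
 * so a file named shell.php is later served back as executable PHP.
 */
function store_image_unsafe(string $tmpPath, string $clientName, string $webRoot): string
{
    $dest = $webRoot . '/uploads/' . basename($clientName);
    copy($tmpPath, $dest);
    return $dest;
}

/**
 * Hardened version: validates the bytes, picks the name itself, and stores the
 * file in $storeDir, which must sit outside the web root (or in a directory
 * where the server does not execute scripts). Throws on any rejection.
 */
function store_image_safe(string $tmpPath, int $size, string $storeDir): string
{
    if ($size <= 0 || $size > MAX_IMAGE_BYTES || filesize($tmpPath) !== $size) {
        throw new RuntimeException('rejected: bad size');
    }

    // 1. Sniff the real content type from the file bytes (libmagic).
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($tmpPath);
    if (!isset(ALLOWED_TYPES[$mime])) {
        throw new RuntimeException("rejected: type {$mime} not allowed");
    }

    // 2. Require a parseable image header whose type agrees with the sniff.
    $info = @getimagesize($tmpPath);
    if ($info === false || $info[2] !== ALLOWED_TYPES[$mime]['imagetype']) {
        throw new RuntimeException('rejected: not a parseable image');
    }
    if ($info[0] > 4096 || $info[1] > 4096) {
        throw new RuntimeException('rejected: dimensions too large');
    }

    // 3. Random server-chosen name and server-chosen extension: nothing from
    //    the request reaches the filesystem path.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_TYPES[$mime]['ext'];
    $dest = rtrim($storeDir, '/') . '/' . $name;

    // In a real handler check $_FILES['image']['error'] === UPLOAD_ERR_OK and
    // use move_uploaded_file($_FILES['image']['tmp_name'], $dest); copy()
    // keeps this demo runnable from the CLI.
    if (!copy($tmpPath, $dest)) {
        throw new RuntimeException('rejected: could not store file');
    }
    chmod($dest, 0640);
    return $dest;
}

// --- CLI demo with constructed inputs (not real uploads) ---------------------
$storeDir = sys_get_temp_dir() . '/profile_images_' . bin2hex(random_bytes(4));
mkdir($storeDir, 0700);

// Constructed 1x1 transparent GIF.
$gif = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($gif, base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7'));

// Constructed PHP payload presented with an image-looking double extension.
$php = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($php, "<?php echo 'not an image'; ?>\n");

foreach ([['avatar.gif', $gif], ['shell.php.png', $php]] as [$clientName, $path]) {
    try {
        $dest = store_image_safe($path, filesize($path), $storeDir);
        echo "$clientName -> stored as " . basename($dest) . PHP_EOL;
    } catch (RuntimeException $e) {
        echo "$clientName -> " . $e->getMessage() . PHP_EOL;
    }
}
```

Run with the PHP CLI (the fileinfo and GD-independent getimagesize functions are in a default build). The GIF is stored under a random name with a .gif extension; the PHP payload is rejected at the MIME check regardless of its claimed .png extension, because the decision is made on the bytes, not on the name. Serving stored images back through a small read-only script that sets Content-Type from the stored extension, rather than exposing the directory directly, closes the remaining path by which uploaded content could be interpreted as code.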

Exploit

Weakness Enumeration
Improper Access Control
Unrestricted File Upload

Related Identifiers
CVE-2024-11661

Affected Products
Codezips Free Exam Hall Seating Management System