CVE-2024-24393

Name of the Vulnerable Software and Affected Versions Pichome version 1.1.01

Description A remote attacker can execute arbitrary code via a crafted POST request to the index.php file, exploiting a File Upload vulnerability. This allows for unrestricted file upload, potentially leading to code execution.

Recommendations For Pichome version 1.1.01, consider disabling the file upload functionality in index.php as a temporary workaround until a patch is available. Restrict access to the index.php file to minimize the risk of exploitation. Avoid using the file upload feature until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.