PT-2024-22851 · Unknown · Sourcecodester Music Gallery Site

Liwenjie · Published 2024-03-26 · Updated 2024-05-17 · CVE-2024-2930

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

SourceCodester Music Gallery Site version 1.0

Description

A critical vulnerability was found in the SourceCodester Music Gallery Site, affecting an unknown functionality of the file classes/Master.php?f=save music. This vulnerability leads to unrestricted upload and can be exploited remotely. The exploit has been disclosed to the public.

Recommendations

For version 1.0, consider disabling the functionality related to the file classes/Master.php?f=save music to prevent unrestricted upload until a patch is available. Restrict access to this file to minimize the risk of exploitation. Avoid using the save music function in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2024-2930

Affected Products

Sourcecodester Music Gallery Site