CVE-2024-31822

Name of the Vulnerable Software and Affected Versions Ecommerce-CodeIgniter-Bootstrap (affected versions not specified)

Description An issue in Ecommerce-CodeIgniter-Bootstrap allows a remote attacker to execute arbitrary code via the saveLanguageFiles method of the Languages.php component. This issue can lead to privilege escalation. It is recommended to review the code for validation gaps and limit file write destinations to prevent remote attacks.

Recommendations As a temporary workaround, consider disabling the saveLanguageFiles method of the Languages.php component until a patch is available. Restrict access to the Languages.php component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.