PT-2024-27797 · Unknown · Itsourcecode Online Discussion Forum Project

Limanshu +2 · Published 2024-10-04 · Updated 2024-10-09 · CVE-2024-37869

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Itsourcecode Online Discussion Forum Project version 1.0

Description

The issue allows a remote attacker to execute arbitrary code via the "poster.php" file. The uploaded file is received using the $_FILES variable. This enables the attacker to potentially compromise the system.

Recommendations

For Itsourcecode Online Discussion Forum Project version 1.0, consider disabling the file upload functionality in the "poster.php" file until a patch is available. Restrict access to the $_FILES variable to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
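
One way to restrict what reaches the server through $_FILES, as an added example that is not the project's own "poster.php" code. The form field name `attachment`, the storage path, the size limit and the image-only allowlist are assumptions made for illustration.

```php
<?php
// Added example: hypothetical hardened upload handler, not the project's code.
// Assumed names: form field "attachment", storage directory UPLOAD_DIR.
declare(strict_types=1);

const UPLOAD_DIR = '/var/app-data/forum-uploads'; // assumed path, outside the web root
const MAX_BYTES  = 2 * 1024 * 1024;               // assumed limit: 2 MiB
// Server-detected MIME type => extension assigned by the server.
const ALLOWED = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

function store_upload(array $file): string
{
    // Reject multi-file arrays and any PHP-reported upload error.
    if (!isset($file['error']) || is_array($file['error'])
        || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or malformed request');
    }
    if ($file['size'] <= 0 || $file['size'] > MAX_BYTES) {
        throw new RuntimeException('File size not allowed');
    }
    // Confirm the temp file really came from this HTTP POST.
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    // Detect the type from content; $file['type'] and $file['name'] are client-controlled.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !isset(ALLOWED[$mime])) {
        throw new RuntimeException('File type not allowed');
    }
    // Random server-side name with a fixed extension: a ".php" name is never stored.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('Could not store file');
    }
    return $name;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_FILES['attachment'])) {
    try {
        $stored = store_upload($_FILES['attachment']);
        echo 'Stored as ' . htmlspecialchars($stored, ENT_QUOTES);
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'Upload rejected';
    }
}
```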

Exploit

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2024-37869

Affected Products

Itsourcecode Online Discussion Forum Project