CVE-2024-42777

Name of the Vulnerable Software and Affected Versions Kashipara Music Management System version 1.0

Description An Unrestricted file upload vulnerability was found in "/music/ajax.php?action=signup" of Kashipara Music Management System, which allows attackers to execute arbitrary code via uploading a crafted PHP file. This issue enables attackers to run malicious code through PHP file uploads.

Recommendations For Kashipara Music Management System version 1.0, update the system to the latest version to patch the vulnerability. As a temporary workaround, consider restricting access to the "/music/ajax.php?action=signup" endpoint until a patch is available. Review system logs for signs of exploit and update all web applications to the latest version.