CVE-2024-49610

Name of the Vulnerable Software and Affected Versions photokit versions n/a through 1.0

Description The issue allows for the unrestricted upload of files with dangerous types, enabling a user to upload a web shell to a web server. This can be exploited to gain unauthorized access to the server.

Recommendations For photokit versions n/a through 1.0, consider disabling file upload functionality until a patch is available to prevent the upload of malicious files. Restrict access to sensitive areas of the web server to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.