CVE-2024-5518

Name of the Vulnerable Software and Affected Versions itsourcecode Online Discussion Forum version 1.0

Description A critical issue has been found in the itsourcecode Online Discussion Forum, affecting the file change profile picture.php. The manipulation of the image argument leads to unrestricted upload. This issue can be initiated remotely.

Recommendations For itsourcecode Online Discussion Forum version 1.0, consider restricting access to the change profile picture.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the image argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.