CVE-2024-13212

Name of the Vulnerable Software and Affected Versions SingMR HouseRent version 1.0

Description A critical vulnerability has been found in SingMR HouseRent. This issue affects the singleUpload/upload function of the file src/main/java/com/house/wym/controller/AddHouseController.java. The manipulation of the file argument leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations For SingMR HouseRent version 1.0, as a temporary workaround, consider disabling the singleUpload/upload function until a patch is available. Restrict access to the AddHouseController.java file to minimize the risk of exploitation. Avoid using the file argument in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.