Legal Case Management System
CVE-2024-4681
MEDIUM
Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (vuldb) · only source for this CVE.
CVSS VectorVendor: vuldb
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability, which was classified as critical, was found in Campcodes Legal Case Management System 1.0. Affected is an unknown function of the file /admin/general-setting of the component Setting Handler. The manipulation of the argument favicon/logo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263622 is the identifier assigned to this vulnerability.
AnalysisAI
A vulnerability, which was classified as critical, was found in Campcodes Legal Case Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Unrestricted File Upload (CWE-434), which allows attackers to upload malicious files that can be executed on the server. A vulnerability, which was classified as critical, was found in Campcodes Legal Case Management System 1.0. Affected is an unknown function of the file /admin/general-setting of the component Setting Handler. The manipulation of the argument favicon/logo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263622 is the identifier assigned to this vulnerability. Affected products include: Campcodes Legal Case Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate file types server-side, store uploads outside webroot, use random filenames, scan for malware.
More in Legal Case Management System
View allA vulnerability was found in Campcodes Legal Case Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerab
A vulnerability was found in Campcodes Legal Case Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerab
A vulnerability was found in Campcodes Legal Case Management System 1.0 and classified as problematic. Rated medium seve
A vulnerability has been found in Campcodes Legal Case Management System 1.0 and classified as problematic. Rated medium
A vulnerability, which was classified as problematic, has been found in Campcodes Legal Case Management System 1.0. Rate
A vulnerability classified as problematic was found in Campcodes Legal Case Management System 1.0. Rated medium severity
A vulnerability classified as problematic has been found in Campcodes Legal Case Management System 1.0. Rated medium sev
A vulnerability was found in Campcodes Legal Case Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerab
A vulnerability was found in Campcodes Legal Case Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerab
A vulnerability was found in Campcodes Legal Case Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerab
A vulnerability was found in Campcodes Legal Case Management System 1.0 and classified as problematic. Rated medium seve
A vulnerability has been found in Campcodes Legal Case Management System 1.0 and classified as problematic. Rated medium
Same technique File Upload
View allShare
External POC / Exploit Code
Leaving vuln.today