CVE-2024-13133 Information

Description

A vulnerability which was classified as critical has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Reference

https://github.com/ZeroWdd/studentmanager/issues/16 https://github.com/ZeroWdd/studentmanager/issues/16#issue-2755347097 https://vuldb.com/?ctiid.290207 https://vuldb.com/?id.290207