CVE-2024-24498 Information

Description

Unrestricted File Upload vulnerability in Employee Management System 1.0 allows a remote attacker to execute arbitrary code via the edit-photo.php component.

Reference

https://github.com/0xQRx/VulnerabilityResearch/blob/master/2024/EmployeeManagementSystem-Unauthenticated_Unrestricted_File_Upload_To_RCE.md