CVE-2024-1268: CodeAstro Restaurant POS System update_product.php unrestricted upload
First published: Wed Feb 07 2024(Updated: )
A vulnerability, which was classified as critical, was found in CodeAstro Restaurant POS System 1.0. This affects an unknown part of the file update_product.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-253011.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Restaurant POS System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-1268?
CVE-2024-1268 is classified as a critical vulnerability.
How do I fix CVE-2024-1268?
To mitigate CVE-2024-1268, it is important to update the CodeAstro Restaurant POS System to a secure version that addresses this vulnerability.
What does CVE-2024-1268 affect?
CVE-2024-1268 affects the update_product.php file in the CodeAstro Restaurant POS System version 1.0.
Can CVE-2024-1268 be exploited remotely?
Yes, CVE-2024-1268 can be exploited remotely due to its unrestricted upload capabilities.
What type of vulnerability is CVE-2024-1268?
CVE-2024-1268 is a remote file upload vulnerability.
- agent/title
- agent/references
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/restaurant pos system project
- canonical/restaurant pos system
- version/restaurant pos system/1.0