{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-0348","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-01-09T14:13:44.911Z","datePublished":"2024-01-09T22:00:04.969Z","dateUpdated":"2025-06-17T20:39:19.050Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-01-09T22:00:04.969Z"},"title":"SourceCodester Engineers Online Portal File Upload resource consumption","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-400","lang":"en","description":"CWE-400 Resource Consumption"}]}],"affected":[{"vendor":"SourceCodester","product":"Engineers Online Portal","versions":[{"version":"1.0","status":"affected"}],"modules":["File Upload Handler"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the component File Upload Handler. The manipulation leads to resource consumption. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250116."},{"lang":"de","value":"Es wurde eine problematische Schwachstelle in SourceCodester Engineers Online Portal 1.0 ausgemacht. Hiervon betroffen ist ein unbekannter Codeblock der Komponente File Upload Handler. Durch das Beeinflussen mit unbekannten Daten kann eine resource consumption-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":4.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":4.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P"}}],"timeline":[{"time":"2024-01-09T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-01-09T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-01-09T15:19:08.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"ahmed8199 (VulDB User)","type":"analyst"}],"references":[{"url":"https://vuldb.com/?id.250116","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.250116","tags":["signature","permissions-required"]},{"url":"https://mega.nz/file/HNkn2QbI#EjefwKgFoAjtWcxrQFMgBfhVQ1LAf2hq7Jg-nDsE-P4","tags":["exploit"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T18:04:49.007Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.250116","tags":["vdb-entry","x_transferred"]},{"url":"https://vuldb.com/?ctiid.250116","tags":["signature","permissions-required","x_transferred"]},{"url":"https://mega.nz/file/HNkn2QbI#EjefwKgFoAjtWcxrQFMgBfhVQ1LAf2hq7Jg-nDsE-P4","tags":["exploit","x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2024-0348","role":"CISA Coordinator","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-01-10T18:08:54.288684Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-17T20:39:19.050Z"}}]}}