{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-1027","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-01-29T13:31:17.185Z","datePublished":"2024-01-30T03:00:06.789Z","dateUpdated":"2025-05-30T19:06:29.388Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-01-30T03:00:06.789Z"},"title":"SourceCodester Facebook News Feed Like Post unrestricted upload","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-434","lang":"en","description":"CWE-434 Unrestricted Upload"}]}],"affected":[{"vendor":"SourceCodester","product":"Facebook News Feed Like","versions":[{"version":"1.0","status":"affected"}],"modules":["Post Handler"]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-252300."},{"lang":"de","value":"Es wurde eine Schwachstelle in SourceCodester Facebook News Feed Like 1.0 gefunden. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente Post Handler. Durch Manipulation mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":6.5,"vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P"}}],"timeline":[{"time":"2024-01-29T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-01-29T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-01-29T14:36:27.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"thesorcererkingainz (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.252300","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.252300","tags":["signature","permissions-required"]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T18:26:30.369Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.252300","tags":["vdb-entry","x_transferred"]},{"url":"https://vuldb.com/?ctiid.252300","tags":["signature","permissions-required","x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-30T19:04:00.622550Z","id":"CVE-2024-1027","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-30T19:06:29.388Z"}}]}}