Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-4xw5-jtmz-nqd3
SummaryA vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file downloadable.php of the component Add Downloadable. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249505 was assigned to this vulnerability.
Aliases
0
alias CVE-2024-0192
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0192
reference_id
reference_type
scores
0
value 0.0016
scoring_system epss
scoring_elements 0.3668
published_at 2026-06-11T12:55:00Z
1
value 0.0016
scoring_system epss
scoring_elements 0.36872
published_at 2026-06-14T12:55:00Z
2
value 0.0016
scoring_system epss
scoring_elements 0.36884
published_at 2026-06-13T12:55:00Z
3
value 0.0016
scoring_system epss
scoring_elements 0.36859
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0192
1
reference_url https://mega.nz/file/2RNnjDTR#nDT4E74juKhdO3eWTv8VjDD2dDcNUzyAk2UR3psM8rM
reference_id 2RNnjDTR#nDT4E74juKhdO3eWTv8VjDD2dDcNUzyAk2UR3psM8rM
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-09T19:42:35Z/
url https://mega.nz/file/2RNnjDTR#nDT4E74juKhdO3eWTv8VjDD2dDcNUzyAk2UR3psM8rM
2
reference_url https://vuldb.com/?ctiid.249505
reference_id ?ctiid.249505
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-09T19:42:35Z/
url https://vuldb.com/?ctiid.249505
3
reference_url https://vuldb.com/?id.249505
reference_id ?id.249505
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-09T19:42:35Z/
url https://vuldb.com/?id.249505
Weaknesses
0
cwe_id 434
name Unrestricted Upload of File with Dangerous Type
description The product allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
Exploits
Severity_range_score6.3 - 6.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-4xw5-jtmz-nqd3