CVE-2024-41617

Vulnerability Description

Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control. The `redirect_if_not_loggedin` function in `functions_security.php` fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary files, potentially leading to Remote Code Execution.

Vulnerability Details

Published Date

October 24, 2024

Last Modified

October 29, 2024

Source

NVD

CVE-2024-41617

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment