How severe is CVE-2024-11485?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2024-11485?

This is classified as CWE-266, which is a common weakness in software security.

CVE-2024-11485 - MEDIUM Severity | CVSS 8.1

Vulnerability Description

A vulnerability, which was classified as critical, has been found in Code4Berry Decoration Management System 1.0. Affected by this issue is some unknown functionality of the file /decoration/admin/userregister.php of the component User Handler. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2018-1088

HIGH

CVSS:8.1(High)

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by s...

CWE-2662018

CVE-2021-1594

HIGH

CVSS:8.1(High)

A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. This vulne...

CWE-2662021

CVE-2023-47140

HIGH

CVSS:8.1(High)

IBM CICS Transaction Gateway 9.3 could allow a user to transfer or view files due to improper access controls.

CWE-2662023

CVE-2024-11073

MEDIUM

CVSS:8.1(High)

A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of ...

CWE-2662024

CVE-2024-27273

HIGH

CVSS:8.1(High)

IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SO_PEERID operation and may le...

CWE-2662024

CVE-2025-0802

MEDIUM

CVSS:8.1(High)

A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/View_user.php of t...

CWE-2662025