CVE-2024-7809

MEDIUM

SourceCodester Online Graduate Tracer System 1.0 - Info Disclosure

Title source: llm

Description

A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /tracking/nbproject/. The manipulation leads to exposure of information through directory listing. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

References (4)

Core 4

Core References

VDB Entry vdb-entry

https://vuldb.com/?id.274705

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.274705

Third Party Advisory, VDB Entry third-party-advisory

https://vuldb.com/?submit.390781

Exploit exploit

https://github.com/Wsstiger/cve/blob/main/Tracer_mu.md

View Exploit ZIP pw:eip

Scores

CVSS v3 5.3

EPSS 0.0017

EPSS Percentile 38.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-548

Status published

Products (1)

tamparongj03/online_graduate_tracer_system 1.0

Published Aug 15, 2024

Tracked Since Feb 18, 2026