Security for everyone

CVE-2024-0352 Scanner

Detects 'Arbitrary File Upload' vulnerability in Likeshop affects v. up to 2.5.7.20210311.

SCAN NOW

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Source

-

Likeshop is an e-commerce platform used for building social media stores. It is specifically designed for the popular social media platform, Facebook. Sellers can use Likeshop to list and sell their products on their Facebook pages. This platform is ideal for small businesses, entrepreneurs, and aspiring online merchants who want to establish their presence on social media.

The vulnerability code CVE-2024-0352 was detected in Likeshop up to version 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. A skilled attacker can exploit this vulnerability remotely by manipulating the file argument and gain unrestricted access to upload files. This is a critical vulnerability as it allows an attacker to execute arbitrary code on the server and gain complete control over the system.

Exploiting this vulnerability can lead to severe consequences for the seller, customers, and the business as a whole. An attacker can upload malicious files that can infect the operating system and compromise the entire server. The attacker can easily steal user data, including personal and financial information. This can result in identity theft, fraud, and financial losses. It can also lead to a loss of reputation for the seller and the business, which can be challenging to recover from.

By subscribing to SecurityForEveryone.com Pro services, readers can easily and quickly learn about vulnerabilities in their digital assets. The platform offers advanced features to detect, prevent and respond to cyber threats. The platform can scan for vulnerabilities, provide real-time alerts, and offer actionable insights to mitigate risks. Businesses can protect their digital assets with personalized protection plans tailored to their specific needs. The SecurityForEveryone.com platform is a reliable and effective solution for businesses of all sizes to protect their digital assets from potential cyber threats.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture