CVE-2024-46471

Published: Sep 27, 2024Modified: Mar 31, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

The Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes the structure and contents of directories, potentially revealing sensitive information.

Affected (1)

Products: Codeastro: Membership Management System

Codeastro

1 product

Membership Management System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Codeastro Membership Management System	Version 1.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://codeastro.com/membership-management-system-in-php-with-source-code/

Source: cve@mitre.org

Product

https://github.com/JonMoriSenpai/CVE-WriteUps/blob/main/CodeAstro%20-%20MembershipM-PHP/CVE-2024-46471/writeup.md

Source: cve@mitre.org

ExploitMitigationThird Party Advisory

Timeline

No history available yet.