CVE-2024-12233

7.3 HIGH

📋 TL;DR

CVE-2024-12233 is a critical unrestricted file upload vulnerability in code-projects Online Notice Board that allows attackers to upload malicious files via the profile picture handler. This can lead to remote code execution, compromising the entire web application. All users running Online Notice Board version 1.0 or earlier are affected.

💻 Affected Systems

Products:
  • code-projects Online Notice Board
Versions: up to 1.0
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /registration.php file's Profile Picture Handler component. Any installation with this component enabled is vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server compromise through remote code execution, allowing attackers to execute arbitrary commands, steal data, install malware, or pivot to internal networks.

🟠 Likely Case: Webshell deployment leading to data theft, defacement, or use as a foothold for further attacks.

🟢 If Mitigated: File uploads blocked or properly validated, preventing malicious file execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub. The vulnerability requires no authentication and has simple exploitation steps.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Consider workarounds or migrating to alternative software.

🔧 Temporary Workarounds

Disable Profile Picture Upload

Operating Systems: all

Remove or disable the profile picture upload functionality in /registration.php

# Edit registration.php to remove img parameter handling or disable upload feature

Implement File Upload Restrictions

Operating Systems: all

Add server-side validation to restrict file types, extensions, and content

# Add PHP validation: check file extension, MIME type, and scan for malicious content
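One way to implement the server-side validation this workaround calls for, as an added example that is not the project's own code: it assumes the upload form field is named `img` and that the destination directory sits outside the web root or has script execution disabled.

```php
<?php
// Added example of a hardened profile-picture handler for registration.php.
// Assumptions: the form field is "img"; $uploadDir is outside the web root
// or is served with PHP execution disabled (e.g. via server configuration).
function validate_profile_picture(array $file, string $uploadDir): string
{
    // Accept only a completed, genuine PHP upload of a bounded size.
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed or missing');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }
    if ($file['size'] > 2 * 1024 * 1024) {
        throw new RuntimeException('File too large');
    }
    // Allowlist of image extensions, each mapped to the MIME type it must have.
    $allowed = [
        'jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
        'png' => 'image/png',  'gif'  => 'image/gif',
    ];
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset($allowed[$ext])) {
        throw new RuntimeException('Extension not permitted');
    }
    // Content check: sniff the MIME type from the file bytes (never trust the
    // client-supplied $file['type']) and require that it parses as an image.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if ($mime !== $allowed[$ext] || @getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('Content does not match an allowed image');
    }
    // Never write the client-chosen filename to disk: store under a random
    // name carrying only the verified extension.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = rtrim($uploadDir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    return $name;
}

// Usage in the registration handler (directory path is an assumption):
// $stored = validate_profile_picture($_FILES['img'], __DIR__ . '/../uploads');
```

Pair this with a server rule that refuses to execute scripts from the upload directory, so a validation bypass still cannot become code execution.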

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block malicious file uploads
  • Isolate the application in a restricted network segment with no internet access

🔍 How to Verify

Check if Vulnerable:

Check if Online Notice Board version is 1.0 or earlier and if /registration.php accepts file uploads without proper validation

Check Version:

# Check version in application files or documentation

Verify Fix Applied:

Test file upload functionality with various file types to ensure only allowed extensions are accepted

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to /registration.php
  • Execution of unexpected files in web directories
  • Webshell access patterns

Network Indicators:

  • POST requests to /registration.php with file uploads
  • Unusual outbound connections from web server

SIEM Query:

source="web_logs" AND uri="/registration.php" AND method="POST" AND (file_extension="php" OR file_extension="jsp" OR file_extension="asp")
