Submit #334215: SourceCodester Online Art Gallery Management System Project using PHP/MySQL V1.0 Unrestricted Uploadinfo

TitleSourceCodester Online Art Gallery Management System Project using PHP/MySQL V1.0 Unrestricted Upload
Descriptionzebra11 found that the file upload operation was triggered in admin/adminHome.phpalt text, and the _FAILES variable was used to receive the payload. After receiving the attack vector from a remote attacker, it will result in unrestricted uploads, and remote attacks may lead to RCE. The input obtained from line 37 of the "admin/adminHome.php" file is used in line 39 of the "admin/adminHome.php" file to determine the location of the file to be written, which may allow attackers to change or damage the content of the file, or create a brand new file.
Source⚠️ https://github.com/CveSecLook/cve/issues/29
User
 zebra11 (UID 68838)
Submission05/14/2024 17:45 (11 months ago)
Moderation05/15/2024 17:07 (23 hours later)
StatusAccepted
VulDB Entry264481 [SourceCodester Online Art Gallery Management System 1.0 admin/adminHome.php sliderpic unrestricted upload]
Points20

Might our Artificial Intelligence support you?

Check our Alexa App!