Submit #43442: The gym management system has a file upload vulnerability and an arbitrary user deletion vulnerability

Information

Title: The gym management system has a file upload vulnerability and an arbitrary user deletion vulnerability

Description: The gym management system has a file upload vulnerability and an arbitrary user deletion vulnerability. The files uploaded by users are not strictly checked, so the uploaded file is attacker-controlled, which allows uploading a webshell and other Trojans that harm the website. When deleting a user, the user ID can be changed, resulting in the deletion of any user and endangering the security of the website.

Vulnerability file location: /admin/add_exercises.php. Look at this source code:

```
$exercise_img = $_FILES['exer_img']['name'];
$temp_name = $_FILES['exer_img']['tmp_name'];
move_uploaded_file($temp_name, "exercise_images/$exercise_img");
```

Without checking the suffix or content of the file uploaded by the user, the user can upload any file, including a Trojan horse, to control the website.

https://s1.ax1x.com/2022/08/11/vG9kjJ.png
https://s1.ax1x.com/2022/08/11/vG9Fc4.png
https://s1.ax1x.com/2022/08/11/vG9i3F.png

Vulnerability file location: /admin/delete_user.php. Look at this source code:

```
$delete_id = $_GET['delete_user'];
$delete_user = "DELETE FROM users WHERE user_id='$delete_id'";
```

The user-entered delete_user parameter is not checked; its content is controlled by the user, who can construct malicious statements to attack the website and illegally delete users.

https://s1.ax1x.com/2022/08/11/vGCSrd.png

Source link: https://www.sourcecodester.com/php/15515/gym-management-system-project-php.html
Source: https://www.sourcecodester.com/php/15515/gym-management-system-project-php.html/
User: qidian (ID 30810)
Submission: 11/08/2022 10:45
Moderation: 11/08/2022 11:26 (41 minutes later)
Status: Accepted
VulDB Entry: VDB-206172
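The two fragments quoted in the submission fail for the same reason: a request parameter is used directly, once as a file name on disk and once inside a SQL string. The block below is an added example, not code from the Gym Management System project or from the submitter; it shows a hardened replacement for each fragment. The file names, the `exer_img` and `delete_user` parameters and the `users`/`user_id` names come from the report; the `$conn` mysqli handle, the upload directory, the size limit and the session check are assumptions.

```php
<?php
// Added example, not code from the Gym Management System project: hardened
// replacements for the two vulnerable fragments quoted in the submission.
// The $conn mysqli handle, the upload directory, the size limit and the
// admin-session check are assumptions for illustration.

declare(strict_types=1);

const EXERCISE_IMAGE_DIR = __DIR__ . '/exercise_images';   // assumed upload dir
const MAX_IMAGE_BYTES    = 2 * 1024 * 1024;                // assumed limit

/**
 * Replacement for the add_exercises.php upload logic.
 * Returns the stored file name on success, or null when the upload is rejected.
 */
function store_exercise_image(array $file, string $dir = EXERCISE_IMAGE_DIR): ?string
{
    // 1. Accept only a file that PHP itself received through a successful upload.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    if (!is_uploaded_file($file['tmp_name']) || $file['size'] > MAX_IMAGE_BYTES) {
        return null;
    }

    // 2. Decide the type from the file content (magic bytes via finfo), never
    //    from the client-supplied name or Content-Type header.
    $allowed = [
        'image/png'  => 'png',
        'image/jpeg' => 'jpg',
        'image/gif'  => 'gif',
    ];
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !isset($allowed[$mime])) {
        return null;
    }

    // 3. Never reuse $_FILES[...]['name']: it can carry a .php suffix or "../".
    //    The stored name is random and the extension is chosen server-side.
    $name = bin2hex(random_bytes(16)) . '.' . $allowed[$mime];
    $dest = rtrim($dir, '/') . '/' . $name;

    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        return null;
    }
    // 4. Belt and braces: the stored file must not be executable.
    chmod($dest, 0644);
    return $name;
}

/**
 * Replacement for the delete_user.php query. The ID is validated as an
 * integer and bound through a prepared statement, so quotes or SQL keywords
 * in $_GET['delete_user'] cannot change the statement.
 * Returns the number of rows deleted.
 */
function delete_user(mysqli $conn, $raw_id): int
{
    // The original compares user_id as a quoted string; treating it as a
    // positive integer is an assumption about the schema.
    $id = filter_var($raw_id, FILTER_VALIDATE_INT);
    if ($id === false || $id <= 0) {
        return 0;
    }
    $stmt = $conn->prepare('DELETE FROM users WHERE user_id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $deleted = $stmt->affected_rows;
    $stmt->close();
    return $deleted;
}

// Usage inside the admin pages. The session check is an assumption; the
// report does not show how (or whether) the project restricts these pages.
if (empty($_SESSION['admin_id'])) {
    http_response_code(403);
    exit;
}
if (isset($_FILES['exer_img'])) {
    $stored = store_exercise_image($_FILES['exer_img']);   // null => rejected
}
if (isset($_GET['delete_user'])) {
    $rows = delete_user($conn, $_GET['delete_user']);       // 0 => nothing deleted
}
```

The prepared statement closes the injection in delete_user.php, but it does not by itself address the "any user can be deleted" half of the report: if the admin page is reachable without an authenticated admin session, any visitor can still delete users by ID, so the access check at the top matters as much as the query fix. Likewise, for the upload, serving `exercise_images/` with script execution disabled (for example, no PHP handler for that directory in the web server configuration) is a second layer that holds even if the MIME check is ever bypassed.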