| عنوان | sourcecodester EMPLOYEE AND VISITOR GATE PASS LOGGING SYSTEM v1.0 files upload |
|---|
| الوصف | System Employee and Guest Gate Pass Logging 1.0 is vulnerable to an unrestricted file upload attack via /employee_gatepass/classes/Users.php?f=ssave. This function does not impose restrictions on upload suffixes. A malicious actor could exploit this vulnerability to directly take over the target server. |
|---|
| المصدر | ⚠️ https://github.com/I-Schnee-I/cev/blob/main/upload.md |
|---|
| المستخدم | Schnee (UID 68656) |
|---|
| ارسال | 14/05/2024 04:34 AM (2 سنوات منذ) |
|---|
| الاعتدال | 15/05/2024 01:43 PM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 264456 [SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Users.php?f=ssave img تجاوز الصلاحيات] |
|---|
| النقاط | 18 |
|---|