| عنوان | SourceCodester Student Management System V1.0 Unrestricted Upload |
|---|
| الوصف | The input obtained through doupdateimage in line 218 of the student\controller.php file is used by doupdateimage in line 237 of the student\controller.php file to determine the location of the file to be written, which may allow attackers to change or damage the content of the file, or create a brand new file
Schnee found that the file upload operation was triggered in /student/controller.php, and the _FAILE variable was used to receive the payload. After receiving the attack vector from a remote attacker, it will result in unrestricted uploads, and remote attacks may lead to RCE. |
|---|
| المصدر | ⚠️ https://github.com/I-Schnee-I/cev/blob/main/SourceCodester%20Student%20Management%20System%201.0%20controller.php%20Unrestricted%20Upload.md |
|---|
| المستخدم | Schnee (UID 68656) |
|---|
| ارسال | 15/05/2024 08:31 PM (2 سنوات منذ) |
|---|
| الاعتدال | 17/05/2024 07:55 AM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 264744 [SourceCodester Student Management System 1.0 /student/controller.php photo تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|