إرسال #618946: code-projects Church Donation System V1.0 Unrestricted Uploadالمعلومات

عنوانcode-projects Church Donation System V1.0 Unrestricted Upload
الوصفDuring the security assessment of "Church Donation System", I detected a critical unrestricted file upload vulnerability in the "/members/admin_pic.php" file. This vulnerability is attributed to the insufficient validation of uploaded files. Attackers can upload arbitrary files by bypassing file extension checks, MIME type validation, or content inspection. This enables them to execute unauthorized code on the server, posing a significant threat. Immediate corrective measures are required to safeguard system security and protect business data.
المصدر⚠️ https://github.com/n0name-yang/myCVE/issues/16
المستخدم
 n0name (UID 82970)
ارسال19/07/2025 01:03 PM (12 أشهر منذ)
الاعتدال21/07/2025 08:30 AM (2 days later)
الحالةتمت الموافقة
إدخال VulDB317060 [code-projects Church Donation System 1.0 /members/admin_pic.php image تجاوز الصلاحيات]
النقاط20

Want to know what is going to be exploited?

We predict KEV entries!