| عنوان | itsourcecode Online Hotel Management System v1.0 Arbitrary file upload vulnerability |
|---|
| الوصف | A Arbitrary file upload vulnerability vulnerability was identified within the " /admin/mod_amenities/controller.php" file of the "Online Hotel Management System " project. The root cause is that attackers can bypass file type detection via "Content-Type" and "Content-Disposition". Then upload malicious Trojan files. As a result, attackers can upload malicious scripts and execute them to directly control servers, steal data, or launch subsequent attacks that seriously threaten system security. In order to safeguard system security and maintain data integrity and confidentiality, corrective action must be taken immediately. |
|---|
| المصدر | ⚠️ https://github.com/Hh-176/CVE/issues/4 |
|---|
| المستخدم | Hh-176 (UID 98609) |
|---|
| ارسال | 30/05/2026 06:09 AM (1 شهر منذ) |
|---|
| الاعتدال | 28/06/2026 06:02 PM (29 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 374561 [itsourcecode Online Hotel Management System 1.0 controller.php?action=add image تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|