| Titel | Sourcecodester Prison Management System v1.0 remote commandexecute |
|---|
| Beschreibung | Prison Management System - File upload on (/Employee/edit-photo.php.Using $_FILES["avatar"]["name"] as the filename on the server can lead to file upload RCE attacks. |
|---|
| Quelle | ⚠️ https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemRCE3.md |
|---|
| Benutzer | LI YU (UID 67398) |
|---|
| Einreichung | 08.04.2024 05:46 (vor 2 Jahren) |
|---|
| Moderieren | 08.04.2024 08:55 (3 hours later) |
|---|
| Status | Duplikat |
|---|
| VulDB Eintrag | 259630 [SourceCodester Prison Management System 1.0 Avatar /Admin/edit-photo.php erweiterte Rechte] |
|---|
| Punkte | 0 |
|---|