| Titel | SourceCodester Pet grooming management software 1.0 Unrestricted Upload |
|---|
| Beschreibung | This vulnerability exists in the avatar upload function of profile.php. Due to the lack of effective validation and filtering of user-uploaded files, attackers can upload malicious script files (such as .php backdoors). The system directly saves files using the original filenames provided by users to a web-accessible directory, enabling attackers to access and execute the uploaded malicious scripts via URL. This could lead to gaining control of the server, stealing sensitive data, or launching further attacks. |
|---|
| Quelle | ⚠️ https://github.com/chen2496088236/CVE/issues/8 |
|---|
| Benutzer | 111ctx (UID 89466) |
|---|
| Einreichung | 30.08.2025 15:46 (vor 10 Monaten) |
|---|
| Moderieren | 07.09.2025 20:33 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 323039 [SourceCodester Pet Grooming Management Software 1.0 /admin/profile.php erweiterte Rechte] |
|---|
| Punkte | 20 |
|---|