| Titel | ProjectsAndPrograms school-management-system 1 File Upload / RCE |
|---|
| Beschreibung | An authenticated file upload vulnerability exists in the School Management System that allows users with Admin or Teacher roles to upload arbitrary files, which can be executed on the server, leading to Remote Code Execution (RCE). |
|---|
| Quelle | ⚠️ https://github.com/sudo-secure/security-research/blob/main/school-management-system/file-upload-rce/PoC.md |
|---|
| Benutzer | sudosme (UID 96548) |
|---|
| Einreichung | 17.03.2026 16:23 (vor 19 Tagen) |
|---|
| Moderieren | 03.04.2026 09:40 (17 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 355076 [ProjectsAndPrograms School Management System bis 6b6fae5426044f89c08d0dd101c7fa71f9042a59 Profile Picture settings.php Datei erweiterte Rechte] |
|---|
| Punkte | 16 |
|---|