जमा करें #855977: code-projects Online Job Portal System 1.0 Allocation of File Descriptors or Handles Without Limits or Throजानकारी

शीर्षकcode-projects Online Job Portal System 1.0 Allocation of File Descriptors or Handles Without Limits or Thro
विवरणDuring a security review of "Online Job Portal System", a critical unrestricted file upload vulnerability was discovered in the JobSeeker registration script /JobSeekerInsert.php. The file upload functionality accepts arbitrary file types and saves them to the web-accessible /upload/ directory using the original filename verbatim. A PHP webshell uploaded by an attacker is immediately accessible and executable by any browser, granting Remote Code Execution on the server. No authentication or authorization is required to trigger this vulnerability.
स्रोत⚠️ https://github.com/shihuizhang-dazhi/MY-CVE/issues/6
उपयोगकर्ता
 dazhi (UID 87857)
सबमिशन11/06/2026 12:56 PM (1 महीना पहले)
संयम13/07/2026 11:19 PM (1 month later)
स्थितिस्वीकृत
VulDB प्रविष्टि378167 [code-projects Online Job Portal 1.0 /JobSeekerInsert.php txtFile अधिकार वृद्धि]
अंक20

Do you need the next level of professionalism?

Upgrade your account now!