| タイトル | Code-projects Voting System 1.0 Unrestricted Upload |
|---|
| 説明 | During the security assessment of "Voting System", I detected a critical file upload vulnerability in the "/admin/voters_add.php" file. This vulnerability stems from inadequate validation mechanisms for uploaded files, particularly the lack of proper file type verification, content checking, and extension filtering. Attackers can bypass existing restrictions to upload malicious files, potentially gaining unauthorized access to the server, executing arbitrary commands, and compromising the entire system. Immediate remediation is essential to ensure system security. |
|---|
| ソース | ⚠️ https://github.com/underatted/CVE/issues/13 |
|---|
| ユーザー | underatted (UID 90321) |
|---|
| 送信 | 2025年10月05日 12:43 (8 月 ago) |
|---|
| モデレーション | 2025年10月08日 16:55 (3 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 327633 [code-projects Voting System 1.0 /admin/voters_add.php photo 特権昇格] |
|---|
| ポイント | 20 |
|---|