| 제목 | Agro-School Management System has a file upload (RCE) vulnerability |
|---|
| 설명 | Agro-School Management System has a file upload (RCE) vulnerability, vulnerability exists in btn_functions.php file, can upload any format of the file, and execute any code, the function of the file name timestamp confusion, but can be predicted, can be used by malicious users to upload any file execution code, access to the server.
Source Down:https://code-projects.org/agro-school-management-system-in-php-with-source-code/ |
|---|
| 원천 | ⚠️ https://github.com/hotencode/CveHub/blob/main/Agro-School%20Management%20System%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf |
|---|
| 사용자 | ZhangWang (UID 47877) |
|---|
| 제출 | 2023. 06. 02. AM 11:36 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 06. 02. PM 02:46 (3 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 230567 [code-projects Agro-School Management System 1.0 Attachment Image btn_functions.php 권한 상승] |
|---|
| 포인트들 | 20 |
|---|