| 제목 | Admission Management System has a file upload (RCE) vulnerability |
|---|
| 설명 | Admission Management System has a file upload (RCE) vulnerability, vulnerability exists in student_avatar.php file, Can upload any format of the file, and there is no limit, the file name is the file name when uploaded, developers should limit the type of file uploaded by users, otherwise it will lead to users to obtain server permissions, steal sensitive data, serious or even lead to server crash, a large number of user privacy disclosure.
Source DownLoad:https://code-projects.org/admission-management-system-in-php-css-and-mysql-free-download/ |
|---|
| 원천 | ⚠️ https://github.com/lxxcute/Bug/blob/main/Admission%20Management%20System%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf |
|---|
| 사용자 | Lxx123 (UID 56781) |
|---|
| 제출 | 2023. 10. 27. AM 10:47 (2 연령 ago) |
|---|
| 모더레이션 | 2023. 10. 27. PM 03:50 (5 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 243728 [code-projects Admission Management System 1.0 student_avatar.php 권한 상승] |
|---|
| 포인트들 | 20 |
|---|