| 제목 | SourceCodester Student Management System V1.0 Unrestricted Upload |
|---|
| 설명 | The input obtained through doupdateimage in line 218 of the student\controller.php file is used by doupdateimage in line 237 of the student\controller.php file to determine the location of the file to be written, which may allow attackers to change or damage the content of the file, or create a brand new file
Schnee found that the file upload operation was triggered in /student/controller.php, and the _FAILE variable was used to receive the payload. After receiving the attack vector from a remote attacker, it will result in unrestricted uploads, and remote attacks may lead to RCE. |
|---|
| 원천 | ⚠️ https://github.com/I-Schnee-I/cev/blob/main/SourceCodester%20Student%20Management%20System%201.0%20controller.php%20Unrestricted%20Upload.md |
|---|
| 사용자 | Schnee (UID 68656) |
|---|
| 제출 | 2024. 05. 15. PM 08:31 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 05. 17. AM 07:55 (1 day later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 264744 [SourceCodester Student Management System 1.0 /student/controller.php photo 권한 상승] |
|---|
| 포인트들 | 20 |
|---|