Submission #43442: The gym management system has a file upload vulnerability and an arbitrary user deletion vulnerability

Title: The gym management system has a file upload vulnerability and an arbitrary user deletion vulnerability
Description: The gym management system has a file upload vulnerability and an arbitrary user deletion vulnerability. The files uploaded by users are not strictly checked, so the uploaded file is controllable and a webshell or other trojan that harms the website can be uploaded. When deleting a user, the user ID can be changed, resulting in the deletion of any user and endangering the security of the website.

Vulnerability file location: /admin/add_exercises.php. Look at this source code:

```php
// Client-supplied file name and temporary path, used without any validation
$exercise_img = $_FILES['exer_img']['name'];
$temp_name    = $_FILES['exer_img']['tmp_name'];
// Moved into a web-served directory under the original name and extension
move_uploaded_file($temp_name, "exercise_images/$exercise_img");
```

Without checking the suffix or content of the file uploaded by the user, the user can upload any file, including a trojan horse, to control the website.

Screenshots:
https://s1.ax1x.com/2022/08/11/vG9kjJ.png
https://s1.ax1x.com/2022/08/11/vG9Fc4.png
https://s1.ax1x.com/2022/08/11/vG9i3F.png

Vulnerability file location: /admin/delete_user.php. Look at this source code:

```php
// GET parameter interpolated directly into the SQL string
$delete_id   = $_GET['delete_user'];
$delete_user = "DELETE FROM users WHERE user_id='$delete_id'";
```

The user-supplied delete_user parameter is not checked; its content is controlled by the user, who can construct malicious statements to attack the website and illegally delete users.

Screenshot:
https://s1.ax1x.com/2022/08/11/vGCSrd.png

Source link: https://www.sourcecodester.com/php/15515/gym-management-system-project-php.html
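A hardened version of both handlers, added here as an example and not taken from the project's code. It assumes a PDO connection `$pdo` is available and that the admin session check has already run before either function is called.

```php
<?php
// Added hardening example (not the project's code). Assumes $pdo is an
// authenticated admin's PDO connection and the session check already ran.

// add_exercises.php: accept only real image files and never trust the client filename.
function store_exercise_image(array $file, string $dir): ?string {
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return null;
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        return null;                               // not a PHP-managed upload
    }
    // Map the MIME type sniffed from the content (not the client name) to an extension.
    $allowed = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!isset($allowed[$mime]) || getimagesize($file['tmp_name']) === false) {
        return null;                               // not an image type we accept
    }
    // Server-chosen random name: no path traversal, no .php, no double extensions.
    $name = bin2hex(random_bytes(16)) . '.' . $allowed[$mime];
    $dest = rtrim($dir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        return null;
    }
    chmod($dest, 0644);                            // readable, not executable
    return $name;
}

// delete_user.php: bind the id as an integer instead of interpolating $_GET into SQL.
function delete_user(PDO $pdo, $raw_id): bool {
    $id = filter_var($raw_id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return false;                              // reject non-numeric input outright
    }
    $stmt = $pdo->prepare('DELETE FROM users WHERE user_id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount() === 1;
}

// Usage in the two admin pages:
// $saved = store_exercise_image($_FILES['exer_img'] ?? [], __DIR__ . '/exercise_images');
// $ok    = delete_user($pdo, $_GET['delete_user'] ?? '');
```

The exercise_images/ directory should also be served with PHP execution disabled, so that even a misclassified upload is only ever returned as static content.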
Source: https://www.sourcecodester.com/php/15515/gym-management-system-project-php.html/
User: qidian (UID 30810)
Submitted: 2022. 08. 11. AM 10:45 (4 years ago)
Moderation: 2022. 08. 11. AM 11:26 (41 minutes later)
Status: Accepted
VulDB entry: 206172 [SourceCodester Gym Management System delete_user.php delete_user denial of service]
Points: 20
