제출 #855977: code-projects Online Job Portal System 1.0 Allocation of File Descriptors or Handles Without Limits or Thro정보

제목code-projects Online Job Portal System 1.0 Allocation of File Descriptors or Handles Without Limits or Thro
설명During a security review of "Online Job Portal System", a critical unrestricted file upload vulnerability was discovered in the JobSeeker registration script /JobSeekerInsert.php. The file upload functionality accepts arbitrary file types and saves them to the web-accessible /upload/ directory using the original filename verbatim. A PHP webshell uploaded by an attacker is immediately accessible and executable by any browser, granting Remote Code Execution on the server. No authentication or authorization is required to trigger this vulnerability.
원천⚠️ https://github.com/shihuizhang-dazhi/MY-CVE/issues/6
사용자
 dazhi (UID 87857)
제출2026. 06. 11. PM 12:56 (1 월 ago)
모더레이션2026. 07. 13. PM 11:19 (1 month later)
상태수락
VulDB 항목378167 [code-projects Online Job Portal 1.0 /JobSeekerInsert.php txtFile 권한 상승]
포인트들20

Want to know what is going to be exploited?

We predict KEV entries!