Title | campcodes Church Management System ≤1.0 Arbitrary file upload |
---|
Description | Arbitrary file upload vulnerability exists in image parameter of /admin/admin_pic.php file of Church Management System
Arbitrary file upload poses significant cybersecurity risks. Attackers can upload files containing malicious code to execute on the server, gaining system privileges and stealing sensitive data. They may also overwrite or delete legitimate files, disrupt system functionality, and abuse server resources. By bypassing authentication mechanisms, attackers can gain access to restricted resources, escalate privileges, and compromise the server.
Payload: image=<?php phpinfo(); ?> |
---|
Source | ⚠️ https://github.com/E1CHO/cve_hub/blob/main/Church%20Management%20System/Church%20Management%20System%20-%20vuln%2010.pdf |
---|
User | SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (ID 38936) |
---|
Submission | 08.04.2024 17:30 (1 month ago) |
---|
Moderation | 09.04.2024 18:45 (1 day later) |
---|
Status | Duplicate |
---|
VulDB Entry | 210565 |
---|