| Title | SIMPLE ONLINE HOTEL RESERVATION SYSTEM has a file upload (RCE) vulnerability |
|---|
| Description | SIMPLE ONLINE HOTEL RESERVATION SYSTEM has a file upload (RCE) vulnerability, vulnerability exists in add_room.php file, can upload any format of the file, and execute any code, the function of the file name timestamp confusion, but can be predicted, can be used by malicious users to upload any file execution code, access to the server.
Souce Download:https://code-projects.org/simple-online-hotel-reservation-system-in-php-with-source-code/ |
|---|
| Source | ⚠️ https://github.com/sincere9/Bug-Hub/blob/main/SIMPLE%20ONLINE%20HOTEL%20RESERVATION%20SYSTEM/SIMPLE%20ONLINE%20HOTEL%20RESERVATION%20SYSTEM%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf |
|---|
| User | sincere (UID 43254) |
|---|
| Submission | 03/22/2023 03:45 (3 years ago) |
|---|
| Moderation | 03/22/2023 11:07 (7 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 223554 [code-projects Simple Online Hotel Reservation System 1.0 add_room.php unrestricted upload] |
|---|
| Points | 20 |
|---|