Submit #304234: Sourcecodester Music Gallery Site using PHP and MySQL Database Free Source Code V1.0 Incorrect Access Controlinfo

TitleSourcecodester Music Gallery Site using PHP and MySQL Database Free Source Code V1.0 Incorrect Access Control
Descriptionliwenjie has discovered a vulnerability classified as critical in Music Gallery Site using PHP and MySQL Database Free Source Code V1.0. The function upload is affected. This operation will result in unrestricted uploads. Remote attacks can cause RCE.And this process does not require any authentication.
Source⚠️ https://github.com/xuanluansec/vul/blob/main/vul/Music%20Gallery%20Site%20using%20PHP%20and%20MySQL%20Database%20Free%20Source%20Code/Music%20Gallery%20Site%20using%20PHP%20and%20MySQL%20Database%20Free%20Source%20Code.md
User
 liwenjie (UID 66694)
Submission03/25/2024 20:11 (2 years ago)
Moderation03/26/2024 16:41 (20 hours later)
StatusAccepted
VulDB entry258001 [SourceCodester Music Gallery Site 1.0 Master.php?f=save_music unrestricted upload]
Points17

Do you know our Splunk app?

Download it now for free!