| Title | https://www.sourcecodester.com Prison Management System v1.0 remote command/code execute |
|---|
| Description | A critical vulnerability has been discovered in the Online Courseware. This affects the add-admin.php file. No checks are made on the contents and suffixes of files uploaded by users, allowing attackers to upload php files containing malicious code and perform remote command execution. |
|---|
| Source | ⚠️ https://github.com/fubxx/CVE/blob/main/PrisonManagementSystemRCE2.md |
|---|
| User | LI YU (UID 67398) |
|---|
| Submission | 04/07/2024 14:35 (2 years ago) |
|---|
| Moderation | 04/07/2024 15:14 (39 minutes later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 259631 [SourceCodester Prison Management System 1.0 Avatar /Admin/add-admin.php unrestricted upload] |
|---|
| Points | 17 |
|---|