| Title | SourceCodester Zipped Folder Manager App 1.0 Cross Site Scripting |
|---|
| Description | The Zipped Folder Manager App 1.0 has an Arbitrary File Upload vulnerability in its add-folder.php file.
This vulnerability arises because the application does not thoroughly validate the contents of uploaded files, even though it checks that the file extension is .zip. Attackers can exploit this vulnerability to upload malicious files disguised as .zip files, leading to potential execution of arbitrary code on the server. |
|---|
| Source | ⚠️ https://github.com/jadu101/CVE/blob/main/SourceCodester_Zipped_Folder_Manager_App_File_Upload.md |
|---|
| User | jadu101 (UID 70632) |
|---|
| Submission | 08/25/2024 15:58 (2 years ago) |
|---|
| Moderation | 08/26/2024 09:40 (18 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 275769 [SourceCodester Zipped Folder Manager App 1.0 /endpoint/add-folder.php folder unrestricted upload] |
|---|
| Points | 19 |
|---|