| Title | sourcecodester Web-based Pharmacy Product Management System using PHP and MySQL Database 1.0 RCE |
|---|
| Description | The add-admin route has file uploads, which cause arbitrary file uploads due to improper detection, resulting in an RCE |
|---|
| Source | ⚠️ https://github.com/6s6-630/CVE/blob/main/yaofang.md |
|---|
| User | puppy_6s6 (UID 82933) |
|---|
| Submission | 04/01/2025 17:09 (1 Year ago) |
|---|
| Moderation | 04/03/2025 21:06 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 303271 [SourceCodester Web-based Pharmacy Product Management System 1.0 Create User Page /add-admin.php Avatar unrestricted upload] |
|---|
| Points | 14 |
|---|