提交 #108503: The page parameter in index.php in php-sqlite-gpa-calculator exists to read the file信息

标题The page parameter in index.php in php-sqlite-gpa-calculator exists to read the file
描述A serious vulnerability was found in php-sqlite-gpa-calculator, which allows users to read file content through php pseudo-protocol after concatenating urls。 http://127.0.0.1/php-sqlite-gpa-calculator/?page=grade_table can be concatenated and written as http://127.0.0.1/php-sqlite-gpa-calculator/?page=php://filter/read=convert.base64-encode/resource=grade_table project url :https://www.sourcecodester.com/php/16373/grade-point-average-gpa-calculator-php-and-sqlite3-source-code-free-download.html
来源⚠️ https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/README.md
用户
 Pe4cefulSnow (UID 34389)
提交2023-03-31 06時43分 (3 年前)
管理2023-03-31 12時30分 (6 hours later)
状态已接受
VulDB条目224670 [SourceCodester Grade Point Average GPA Calculator 1.0 index.php page 信息公开]
积分20

上一步一览下一步

Want to stay up to date on a daily basis?

Enable the mail alert feature now!