提交 #312217: Sourcecodester Prison Management System v1.0 remote commandexecute信息
标题
Sourcecodester Prison Management System v1.0 remote commandexecute
描述
Prison Management System - File upload on (/Employee/edit-photo.php.Using $_FILES["avatar"]["name"] as the filename on the server can lead to file upload RCE attacks.