| 标题 | SRMS Student Result Management System 1.0 Path Traversal |
|---|
| 描述 | Improper unlink used in update_student.php, the system use unlink to delete old photo without any check. Attacker can use a path traversal to delete all the file in file system. |
|---|
| 来源 | ⚠️ https://magnificent-dill-351.notion.site/Arbitrary-File-Delete-of-update_student-in-SRMS-1-0-1f5c693918ed8047ad31d03c6034b4f6 |
|---|
| 用户 | s0l42 (UID 82389) |
|---|
| 提交 | 2025-05-16 10時31分 (11 月前) |
|---|
| 管理 | 2025-05-17 16時45分 (1 day later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 309469 [SourceCodester Student Result Management System 1.0 Image File update_student.php old_photo 目录遍历] |
|---|
| 积分 | 13 |
|---|