Описание
Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. A low privileged user can upload malicious PHP files by updating their profile image to gain remote code execution.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:online_student_admission_system_project:online_student_admission_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.0787
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-434
Связанные уязвимости
github
больше 3 лет назад
Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. A low privileged user can upload malicious PHP files by updating their profile image to gain remote code execution.
EPSS
Процентиль: 92%
0.0787
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-434