Описание
College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php file.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:college_management_system_project:college_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01384
Низкий
7.2 High
CVSS3
Дефекты
CWE-89
CWE-89
Связанные уязвимости
CVSS3: 7.2
github
около 3 лет назад
College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php file.
EPSS
Процентиль: 80%
0.01384
Низкий
7.2 High
CVSS3
Дефекты
CWE-89
CWE-89