RSS   Vulnerabilities for
'Online library management system'
   RSS

2020-11-17
 
CVE-2020-28130

CWE-434
 

 
An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photos (under the web root).

 


Copyright 2024, cxsecurity.com

 

Back to Top