Vulnerabilities for Online student admission system (m project...) - CXSECURITY.COM

Vulnerabilities for
'Online student admission system'

2021-10-26

CVE-2021-37371

CWE-89

Online Student Admission System 1.0 is affected by an unauthenticated SQL injection bypass vulnerability in /admin/login.php.

CVE-2021-37372

CWE-434

Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. A low privileged user can upload malicious PHP files by updating their profile image to gain remote code execution.

Copyright 2024, cxsecurity.com