An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photos (under the web root).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-11-17T20:17:59
Updated: 2024-08-04T16:33:57.555Z
Reserved: 2020-11-02T00:00:00
Link: CVE-2020-28130
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-11-17T21:15:13.020
Modified: 2020-11-23T19:47:05.500
Link: CVE-2020-28130
Redhat
No data.