Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-11-15T15:57:28
Updated: 2024-08-04T03:38:49.876Z
Reserved: 2021-10-18T00:00:00
Link: CVE-2021-42580
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-11-15T16:15:10.367
Modified: 2021-11-26T15:18:52.777
Link: CVE-2021-42580
Redhat
No data.