Student Information System v1.0 is vulnerable to an Insecure File Upload vulnerability on the 'photo' parameter of my-profile page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2023-12-07T23:10:04.387Z
Updated: 2024-08-02T07:17:11.891Z
Reserved: 2023-08-02T21:52:40.992Z
Link: CVE-2023-4122
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-07T23:15:07.277
Modified: 2023-12-11T17:48:11.740
Link: CVE-2023-4122
Redhat
No data.