漏洞标题
源代码库ster在线旅游与旅行管理系统ab.php不受限制的上传
漏洞描述信息
SourceCodester 在线旅游与旅行管理系统 ab.php 无限制上传
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
SourceCodester Online Tours & Travels Management System ab.php unrestricted upload
漏洞描述信息
A vulnerability, which was classified as problematic, was found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/ab.php. The manipulation of the argument img leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222978 is the identifier assigned to this vulnerability.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
漏洞类别
危险类型文件的不加限制上传
漏洞标题
Online Tours & Travels Management System 代码问题漏洞
漏洞描述信息
Online Tours & Travels Management System是Mayuri K.个人开发者的一个在线旅游管理系统。 SourceCodester Online Tours & Travels Management System 1.0版本存在代码问题漏洞,该漏洞源于文件 admin/ab.php 存在未知函数,通过参数 img 导致不受限制的上传。
CVSS信息
N/A
漏洞类别
代码问题