漏洞标题
源代码维护者简易在线竞拍系统无限制上传
漏洞描述信息
在SourceCodester简单在线招标系统1.0中发现了一个漏洞,已被认定为严重。该漏洞影响文件/simple-online-bidding-system/admin/ajax.php?action=save_product中的未知功能,攻击者可以通过控制此功能进行不受限制的上传。该攻击可远程执行。该漏洞已被公开披露,可能会被利用。与此漏洞相关的标识符为VDB-264463。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
危险类型文件的不加限制上传
漏洞标题
SourceCodester Simple Online Bidding System unrestricted upload
漏洞描述信息
A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/admin/ajax.php?action=save_product. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-264463.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
漏洞类别
危险类型文件的不加限制上传
漏洞标题
Simple Online Bidding System 代码问题漏洞
漏洞描述信息
Simple Online Bidding System是oretnom23个人开发者的一个在线投标系统。 Simple Online Bidding System 1.0版本存在代码问题漏洞,该漏洞源于没有限制文件上传次数。
CVSS信息
N/A
漏洞类别
代码问题