School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/150006/School-Event-Management-System-1.0-Shell-Upload.html | Exploit Third Party Advisory VDB Entry |
https://www.exploit-db.com/exploits/45723/ | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2018-11-16 18:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-18793
Mitre link : CVE-2018-18793
CVE.ORG link : CVE-2018-18793
JSON object : View
Products Affected
school_event_management_system_project
- school_event_management_system
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type