N/A

An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photos (under the web root).

N/A

N/A

SourceCodester Online Library Management System 代码问题漏洞

SourceCodester Online Library Management System是美国SourceCodester公司的一个在线图书管理系统。 SourceCodester Online Library Management System 1.0版本存在安全漏洞，该漏洞源于上传图片组件中的任意文件上传允许用户通过admin借用index.php执行远程代码。

N/A

N/A