Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affected vulnerable to Arbitrary File Upload. The admin panel has an upload function of profile photo accessible at http://localhost/scheduler/admin/?page=user. An attacker could upload a malicious file such as shell.php with the Content-Type: image/png. Then, the attacker have to visit the uploaded profile photo to access the shell.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SourceCodester Online Covid Vaccination Scheduler System 代码问题漏洞
Vulnerability Description
SourceCodester Online Covid Vaccination Scheduler System是SourceCodester公司的一个应用系统。通过可靠的疫苗计划和队列管理解决方案有效管理 COVID-19 疫苗接种。 Sourcecodester Online Covid Vaccination Scheduler System 1.0版本存在安全漏洞,该应用容易受到任意文件上传的影响。
CVSS Information
N/A
Vulnerability Type
N/A