Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unrestricted file upload vulnerability exists in Sourcecodester Free school management software 1.0. An attacker can leverage this vulnerability to enable remote code execution on the affected web server. Once a php webshell containing "<?php system($_GET["cmd"]); ?>" gets uploaded it is saved into /uploads/exam_question/ directory, and is accessible by all users.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Free School Management Software 代码问题漏洞
Vulnerability Description
Free School Management Software是Gosfem个人开发者的一款免费的开源学校软件。 Free school management software存在代码问题漏洞,该漏洞源于存在不受限文件上传漏洞。攻击者可利用该漏洞可以利用此漏洞在受影响的web服务器上启用远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A