Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SourceCodester Student Study Center Desk Management System POST Parameter path traversal
Vulnerability Description
A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=delete_img of the component POST Parameter Handler. The manipulation of the argument path with the input C%3A%2Ffoo.txt leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-223326 is the identifier assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Student Study Center Desk Management System 路径遍历漏洞
Vulnerability Description
Student Study Center Desk Management System是学生学习中心课桌管理系统。 SourceCodester Student Study Center Desk Management System 1.0版本存在路径遍历漏洞,该漏洞源于组件POST Parameter Handler的 Master.php?,通过参数path会导致路径遍历。
CVSS Information
N/A
Vulnerability Type
N/A