SourceCodester Complete E-Commerce Site users_photo.php unrestricted upload

A vulnerability classified as critical has been found in SourceCodester Complete E-Commerce Site 1.0. Affected is an unknown function of the file /admin/users_photo.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257544.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

危险类型文件的不加限制上传

SourceCodester E-Commerce Site 代码问题漏洞

E-Commerce Site是一个电商网站。 SourceCodester Complete E-Commerce Site 1.0版本存在代码问题漏洞，该漏洞源于文件/admin/users_photo.php存在文件上传漏洞。

N/A

N/A