Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Sourcecodester Payroll Management System v1.0 is vulnerable to File Upload. Users can upload images via the "save_settings" page. An unauthenticated attacker can leverage this functionality to upload a malicious PHP file instead. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as the user running the web server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Payroll Management System 安全漏洞
Vulnerability Description
Payroll Management System是Carlo Montero个人开发者的一个工资管理系统。 Payroll Management System 1.0版本存在安全漏洞,该漏洞源于未经身份验证的攻击者可以利用“save_settings”页面上传图片的功能上传恶意PHP文件,并以运行web服务器的用户身份执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A