Exploit/Advisories
Published on June 23rd, 2020 📆 | 2835 Views ⚑
0Online Student Enrollment System 1.0 Arbitrary File Upload ≈ Packet Storm
- Online Student Enrollment System 1.0 Arbitrary File Upload
- Posted Jun 22, 2020
- Authored by BKpatron
-
Online Student Enrollment System version 1.0 suffers from an unauthenticated arbitrary file vulnerability.
- MD5 |
82d4e855a4f70039fa7c52673309699c
- Download | Favorite | View
# Exploit Title: Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload
# Google Dork: N/A
# Date: 2020-06-20
# Exploit Author: BKpatron
# Vendor Homepage: https://www.campcodes.com/projects/php/4745/online-student-enrollment-system-in-php-mysqli/
# Software Link: https://www.sourcecodester.com/sites/default/files/download/donbermoy/student_enrollment_1.zip
# Version: v1.0
# Tested on: Win 10
# CVE: N/A# Vulnerability:
Online Student Enrollment System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution
(RCE) on the Hosting Webserver via uploading a maliciously crafted PHP file.
#CSRF PoC:
Gloss