Lucene search
China National Vulnerability DatabaseCNVD-2022-87352HistoryOct 12, 2022 - 12:00 a.m.
Web-Based Student Clearance System File Upload Vulnerability
2022-10-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
web-based student clearance system
file upload
vulnerability
ndueso okorie
photo handler
remote execution
arbitrary code
0.002 Low
EPSS
Percentile
54.0%
Web-Based Student Clearance System is a web-based student clearance system from the personal developer Ndueso Okorie. v1.0 of Web-Based Student Clearance System is vulnerable to a file upload vulnerability that originates from a method in the edit-photo.php file in the Photo Handler component that lacks valid validation of the uploaded file. An attacker could exploit the vulnerability to upload malicious files and remotely execute arbitrary code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ndueso okorie web-based student clearance system v | eq | 1.0 |
Related
zdt
zdt
Web Based Student Clearance 1.0 Shell Upload Vulnerability
2022-10-13 00:00:00
Online Student Clearance System 1.0 Shell Upload Exploit
2023-11-30 00:00:00
nvd
nvd
CVE-2022-3436
2022-10-09 09:15:10
cvelist
cvelist
cve
cve
CVE-2022-3436
2022-10-09 09:15:10
prion
prion
Out-of-bounds
2022-10-09 09:15:00
packetstorm
packetstorm
Online Student Clearance System 1.0 Shell Upload
2023-11-30 00:00:00
Web Based Student Clearance 1.0 Shell Upload
2022-10-10 00:00:00