4 matches found
CVE-2022-39179
College Management System v1.0 - Authenticated remote code execution. An admin user the authentication can be bypassed using SQL Injection that mentioned in my other report can upload .php file that contains malicious code via student.php file...
CVE-2022-39179
College Management System v1.0 is affected by an authenticated remote code execution through the student.php upload vector. A malicious admin can upload a .php file containing code after bypassing authentication via SQL Injection, enabling RCE on the server. The root cause is an upload mechanism ...
CVE-2022-39179 College Management System v1.0 - Authenticated remote code execution
College Management System v1.0 - Authenticated remote code execution. An admin user the authentication can be bypassed using SQL Injection that mentioned in my other report can upload .php file that contains malicious code via student.php file...
CVE-2022-39179 College Management System v1.0 - Authenticated remote code execution
College Management System v1.0 - Authenticated remote code execution. An admin user the authentication can be bypassed using SQL Injection that mentioned in my other report can upload .php file that contains malicious code via student.php file...