4 matches found
CVE-2020-24203
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution...
Projects World Travel Management System Authentication Bypass (CVE-2020-24203)
An authentication bypass vulnerability exists in Projects World Travel Management System. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...
CVE-2020-24203
The CVE-2020-24203 issue affects Projects World Travel Management System v1.0, specifically the updatesubcategory.php upload pic function. The root cause is insecure file permissions combined with an arbitrary file upload, allowing remote unauthenticated attackers to gain remote code execution. E...
CVE-2020-24203
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution...