2 matches found
CVE-2022-27351
Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /publichtml/applyvacancy. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-27351
The CVE-2022-27351 entry describes an arbitrary file upload vulnerability in Zoo Management System v1.0, exploitable via the /public_html/apply_vacancy endpoint. The underlying issue is lack of file-type restrictions, allowing an attacker to upload a crafted PHP file and achieve arbitrary code ex...