3 matches found
CVE-2023-1722
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators...
CVE-2023-1722 Yoga Class Registration System 1.0 - ATO
Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators...
CVE-2023-1722
CVE-2023-1722 concerns the Yoga Class Registration System 1.0, where an administrator can execute commands on the server. The root cause, as described across multiple sources, is improper validation of uploaded class thumbnails by administrators, enabling arbitrary command execution. The vulnerab...