3 matches found
Teachers Record Management System 1.0 Validation Bypass
Exploit Title: Teachers Record Management System 1.0 – File Upload Type Validation Date: 17-01-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3187 =============================== STEPSTOREPRODUCE...
Teachers Record Management System 1.0 - File Upload Type Validation
Exploit Title: Teachers Record Management System 1.0 – File Upload Type Validation Date: 17-01-2023 EXPLOIT-AUTHOR: AFFAN AHMED Vendor Homepage: Software Link: Version: 1.0 Tested on: Windows 11 + XAMPP CVE : CVE-2023-3187 =============================== STEPSTOREPRODUCE...
CVE-2023-3187
CVE-2023-3187 affects PHPGurukul Teachers Record Management System 1.0, specifically the Profile Picture Handler’s /changeimage.php. The root cause is manipulation of the newpic parameter, which enables unrestricted file upload via remote access. This vulnerability has been publicly disclosed and...