CVE-2023-48394
CVE-2023-48394 affects Kaifa Technology WebITR (online attendance system). The issue lies in the file upload function, which does not restrict uploading of dangerous file types. A remote attacker with regular user privileges can upload arbitrary files to execute commands or disrupt service. Conne...