A vulnerability, which was classified as problematic, was found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/ab.php. The manipulation of the argument img leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222978 is the identifier assigned to this vulnerability.
References
Link | Resource |
---|---|
https://blog.csdn.net/Dwayne_Wade/article/details/129526901 | Broken Link |
https://vuldb.com/?id.222978 | Permissions Required Third Party Advisory |
https://vuldb.com/?ctiid.222978 | Permissions Required Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2023-03-14 08:15
Updated : 2023-03-16 08:33
NVD link : CVE-2023-1391
Mitre link : CVE-2023-1391
JSON object : View
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type
Products Affected
online_tours_\&_travels_management_system_project
- online_tours_\&_travels_management_system