• Report Links
    We do not store any files or images on our server. XenPaste only index and link to content provided by other non-affiliated sites. If your copyrighted material has been posted on XenPaste or if hyperlinks to your copyrighted material are returned through our search engine and you want this material removed, you must contact the owners of such sites where the files and images are stored.

Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload

XMAN

Active member
Joined
Jul 12, 2021
Messages
19,637
Reaction score
103
Points
38
Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload #1
# Exploit Title: Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload
# Google Dork: N/A
# Vendor Homepage: https://www.campcodes.com/projects/p...in-php-mysqli/
# Software Link: https://www.sourcecodester.com/sites...rollment_1.zip
# Version: v1.0
# Tested on: Win 10
# CVE: N/A

# Vulnerability:
Online Student Enrollment System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution
(RCE) on the Hosting Webserver via uploading a maliciously crafted PHP file.

#CSRF PoC:












Quote:Original Link to the Exploit!
https://www.exploit-db.com/exploits/48610
 
Top