CVE-2020-24203
N/A
N/A
Summary
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://projectworlds.in/free-projects/php-projects/travel-management-system-project-in-php-mysql/
- https://github.com/hyd3sec/TravelManagementSystemRCE
References
- https://projectworlds.in/free-projects/php-projects/travel-management-system-project-in-php-mysql/
- https://github.com/hyd3sec/TravelManagementSystemRCE
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.