CVE-2023-1391
4.7
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Summary
A vulnerability, which was classified as problematic, was found in SourceCodester Online Tours & Travels Management System 1.0. Affected is an unknown function of the file admin/ab.php. The manipulation of the argument img leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-222978 is the identifier assigned to this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SourceCodester | Online Tours & Travels Management System | 1.0 | affected |
Weaknesses
- CWE-434: CWE-434 Unrestricted Upload
ADP Enrichment
CVE Program Container
Additional References
- https://vuldb.com/?id.222978
- https://vuldb.com/?ctiid.222978
- https://blog.csdn.net/Dwayne_Wade/article/details/129526901
References
- https://vuldb.com/?id.222978
- https://vuldb.com/?ctiid.222978
- https://blog.csdn.net/Dwayne_Wade/article/details/129526901
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.