CVE-2022-39179

Description

College Management System v1.0 - Authenticated remote code execution. An admin user (the authentication can be bypassed using SQL Injection that mentioned in my other report) can upload .php file that contains malicious code via student.php file.

Related CPE's

a college_management_system_project college_management_system 1.0 *******

References

https://www.gov.il/en/departments/faq/cve_advisories

Third Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io