CVE-2020-10225

9.8CRITICAL

Key Information:

Vendor: PHPgurukul
Status: Job Portal
Vendor: CVE Published:; 8 March 2020

Summary

An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution.

References

https://tib3rius.com/cves.html

x_refsource_MISC

https://www.exploit-db.com/exploits/47881

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 8, 2020
Vulnerability Reserved
Mar 8, 2020

Collectors

NVD DatabaseMitre Database