File Upload Vulnerability Allows Arbitrary Code Execution
CVE-2024-31610

Currently unrated

Key Information:

Vendor: Code-Projects
Status: Simple School Management System
Vendor: CVE Published:; 25 April 2024

Summary

File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload of crafted file.

References

https://github.com/ss122-0ss/School/blob/main/readme.md

Timeline

Vulnerability published
Apr 25, 2024