Vulnerabilities

CVE-2021-42580

by Fred · 15/11/2021

Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.

Date published : 2021-11-15

http://packetstormsecurity.com/files/164985/Online-Learning-System-2.0-Remote-Code-Execution.html

https://github.com/DjebbarAnon/online-learning-system-v2-sqli-authentication-bypass-file-upload-unauthenticated-RCE

Similar

Tags: Cybersecurity Alert