CVE-2023-1721

Yoga Class Registration System 1.0 - RCE

CVSS 9.1 CRITICALEPSS 1.0%CWE-434

Yoga Class Registration System version 1.0 allows an administrator to execute commands on the server. This is possible because the application does not correctly validate the thumbnails of the classes uploaded by the administrators.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Produtos afetados

Yoga Class Registration System · Yoga Class Registration System

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://fluidattacks.com/advisories/blessd/https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html