Computer Laboratory System
Monthly
Unrestricted file upload in Computer Laboratory System 1.0 via the technical_staff_pic.php file allows high-privilege users to upload arbitrary files to the server. The vulnerability requires administrator-level access (PR:H) and affects confidentiality, integrity, and availability with low impact scope. Publicly available exploit code exists; however, the EPSS score of 0.07% (21st percentile) and high-privilege requirement significantly limit real-world exploitation risk compared to the CVSS 2.0 baseline.
Unrestricted file upload in Computer Laboratory System 1.0 via the admin_pic.php image parameter allows high-privilege authenticated users to upload arbitrary files remotely, with publicly available proof-of-concept code demonstrating exploitation. Despite the CVSS 2.0 score reflecting the high authentication barrier (PR:H), the vulnerability enables attackers with admin credentials to bypass upload restrictions and potentially establish persistence or execute malicious code on the server.
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Unrestricted file upload in Computer Laboratory System 1.0 via the technical_staff_pic.php file allows high-privilege users to upload arbitrary files to the server. The vulnerability requires administrator-level access (PR:H) and affects confidentiality, integrity, and availability with low impact scope. Publicly available exploit code exists; however, the EPSS score of 0.07% (21st percentile) and high-privilege requirement significantly limit real-world exploitation risk compared to the CVSS 2.0 baseline.
Unrestricted file upload in Computer Laboratory System 1.0 via the admin_pic.php image parameter allows high-privilege authenticated users to upload arbitrary files remotely, with publicly available proof-of-concept code demonstrating exploitation. Despite the CVSS 2.0 score reflecting the high authentication barrier (PR:H), the vulnerability enables attackers with admin credentials to bypass upload restrictions and potentially establish persistence or execute malicious code on the server.
code-projects Computer Laboratory System 1.0 has a file upload vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.