CVE-2023-41506
Severity CVSS v4.0:
Pending analysis
Type:
CWE-434
Unrestricted Upload of File with Dangerous Type
Publication date:
27/02/2024
Last modified:
27/08/2024
Description
An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL