VYPR

Online Library Management System

by Sourcecodester

CVEs (1)

  • CVE-2020-28130CriNov 17, 2020
    risk 0.64cvss 9.8epss 0.06

    An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photos (under the web root).