mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
784 B
784 B
CVE-2024-32254
Description
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image.
POC
Reference
- https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md
- https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md
Github
No PoCs found on GitHub currently.