mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
788 B
788 B
CVE-2024-32256
Description
Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via /tms/admin/change-image.php. When updating a current package, there are no checks for what types of files are uploaded from the image.
POC
Reference
- https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md
- https://github.com/jinhaochan/CVE-POC/blob/main/tms/POC.md
Github
No PoCs found on GitHub currently.