Tourism management system v2.0 arbitrary file upload Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2024-03-25 |
Type : webapps |
Platform : php
This exploit / vulnerability Tourism management system v2.0 arbitrary file upload is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: Tourism Management System v2.0 - Arbitrary File Upload
# Google Dork: N/A
# Exploit Author: SoSPiro
# Date: 2024-02-18
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/tourism-management-system-free-download/
# Version: 2.0
# Tested on: Windows 10 Pro
# Impact: Allows admin to upload all files to the web server
# CVE : N/A
# Exploit Description:
The application is prone to an arbitrary file-upload because it fails to adequately sanitize user-supplied input.