CVE-2021-42580

Sourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.
Configurations

Configuration 1

cpe:2.3:a:online_learning_system_project:online_learning_system:2.0:*:*:*:*:*:*:*

Information

Published : 2021-11-15 04:15

Updated : 2021-11-26 03:18


NVD link : CVE-2021-42580

Mitre link : CVE-2021-42580

Products Affected
No products.
CWE