漏洞关键信息 Title: https://www.sourcecodester.com Prison Management System v1.0 remote command/code execute Description: A critical vulnerability has been discovered in the Online Courseware. This affects the edit-photo.php file. No checks are made on the contents and suffixes of files uploaded by users, allowing attackers to upload php files containing malicious code and perform remote command execution. Source:  User: ) Submission Date: 04/07/2024 02:28 PM (2 years ago) Moderation Date: 04/07/2024 03:14 PM (46 minutes later) Status: Accepted VulDB Entry:  [SourceCodester Prison Management System 1.0 Avatar /Admin/edit-photo.php unrestricted upload] Points: 17