Gym Management System Project- Arbitrary file upload vulnerability
College Attendance System (CAS) Published by SourceCodester There is an arbitrary file upload vulnerability.
Attackers can upload malicious scripts through this vulnerability to achieve the purpose of destroying the system to control the target machine.
The path where the file upload vulnerability exists is as follows
/mygym/admin/index.php?view_exercises
The pages with file upload vulnerabilities are as follows
Click edit to upload the Trojan file
The content of the uploaded one sentence Trojan horse
The upload is successful, and the statement can be executed arbitrarily
Link
https://www.sourcecodester.com/php/15515/gym-management-system-project-php.html



