Vulnerability Description
The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code or lead to code execution.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Online Admission System Project | Online Admissions System | 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/rskoolrash/Online-Admission-SystemThird Party Advisory
- https://github.com/rskoolrash/Online-Admission-System/issues/2Issue TrackingThird Party Advisory
- https://www.exploit-db.com/exploits/50623ExploitThird Party AdvisoryVDB Entry
- https://github.com/rskoolrash/Online-Admission-SystemThird Party Advisory
- https://github.com/rskoolrash/Online-Admission-System/issues/2Issue TrackingThird Party Advisory
- https://www.exploit-db.com/exploits/50623ExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2021-45835?
CVE-2021-45835 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code ...
How severe is CVE-2021-45835?
CVE-2021-45835 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-45835?
Check the references section above for vendor advisories and patch information. Affected products include: Online Admission System Project Online Admissions System.