CVE-2020-10224
Summary
| CVE | CVE-2020-10224 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2020-03-08 23:15:00 UTC |
| Updated | 2023-11-13 14:48:00 UTC |
| Description | An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. |
Risk And Classification
Problem Types: CWE-434
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Phpgurukul | Online Book Store | 1.0 | All | All | All |
| Application | Phpgurukul | Phpgurukul Online Book Store | 1.0 | All | All | All |
| Application | Phpgurukul | Phpgurukul Online Book Store | 1.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CVEs | Tib3rius | MISC | tib3rius.com | Third Party Advisory |
| Online Book Store 1.0 - Unauthenticated Remote Code Execution - PHP webapps Exploit | MISC | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.