Hacker1106

**Name of the Vulnerable Software and Affected Versions** Codezips Online Institute Management System version 1.0 **Description** A critical issue has been found in the system, affecting an unknown functionality of the file /edit user.php. The manipulation of the `image` argument leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For Codezips Online Institute Management System version 1.0, consider disabling the /edit user.php file or restricting access to it until a patch is available. Avoid using the `image` argument in the /edit user.php file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.