Sw0Rd

**Name of the Vulnerable Software and Affected Versions** tittuvarghese CollegeManagementSystem (affected versions not specified) **Description** An unrestricted file upload issue exists in the Student Data Upload Endpoint within the file 'dashboard page/forms/upload student data.php'. Remote attackers can exploit this by manipulating the `Student-Data-CSV` argument to upload arbitrary files. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.