CVE-2023-5284

Name of the Vulnerable Software and Affected Versions SourceCodester Engineers Online Portal version 1.0

Description A critical vulnerability has been found in the SourceCodester Engineers Online Portal. The issue affects an unknown function of the file upload save student.php, where the manipulation of the uploaded file argument leads to unrestricted upload. This allows for remote attacks.

Recommendations For version 1.0, consider disabling the file upload functionality in upload save student.php until a patch is available to prevent unrestricted file uploads. Restrict access to the upload save student.php file to minimize the risk of exploitation. Avoid using the uploaded file argument in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.