Vulnerability Details CVE-2020-25763
Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.121
EPSS Ranking 93.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/159260/Seat-Reservation-System-1.0-Shell-Upload.html
- http://seclists.org/fulldisclosure/2020/Sep/41
- https://packetstormsecurity.com/files/author/15149
- http://packetstormsecurity.com/files/159260/Seat-Reservation-System-1.0-Shell-Upload.html
- http://seclists.org/fulldisclosure/2020/Sep/41
- https://packetstormsecurity.com/files/author/15149
Products affected by CVE-2020-25763
-
cpe:2.3:a:seat_reservation_system_project:seat_reservation_system:1.0