Vulnerability Details CVE-2021-44087
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.215
EPSS Ranking 95.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://sourcecodester.com
- https://www.exploit-db.com/exploits/50801
- https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip
- http://sourcecodester.com
- https://www.exploit-db.com/exploits/50801
- https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip
Products affected by CVE-2021-44087
-
cpe:2.3:a:attendance_and_payroll_system_project:attendance_and_payroll_system:1.0