Online Course Registration Project: >> Online Course Registration >> 1.0 Security Vulnerabilities
Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-01-31
A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses /Online%20Course%20Registration/my-profile.php with the POST parameter photo.
CVSS Score
9.8
EPSS Score
0.023
Published
2020-09-15