CVE-2022-25016

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
1
PROJECT

Description

Home Owners Collection Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /student_attendance/index.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

lohyt/web-shell-via-file-upload-in-hocms
lohyt/web-shell-via-file-upload-in-hocms
Web shell via File upload functionality in Home owners collection management system
GitHubGitHub