Vulnerabilities > CVE-2021-44087 - Unspecified vulnerability in Attendance and Payroll System Project Attendance and Payroll System 1.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

attendance-and-payroll-system-project

NVD

Published: 2022-03-17

Updated: 2022-03-24

Summary

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.

Vulnerable Configurations

Part	Description	Count
Application	Attendance_And_Payroll_System_Project Attendance AND Payroll System Project Attendance AND Payroll System 1.0	1

References

https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip
https://www.exploit-db.com/exploits/50801
http://sourcecodester.com