daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2019/CVE-2019-20183.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-06-17 12:17:02 -04:00
parent 1543f19568
commit 6d4ba69155
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cves/2019/CVE-2019-20183.yaml
View File

@ -4,7 +4,7 @@ info:
name: Simple Employee Records System 1.0 - Unrestricted File Upload name: Simple Employee Records System 1.0 - Unrestricted File Upload
author: pikpikcu author: pikpikcu
severity: high severity: high
description: Simple Employee Records System 1.0 contains an arbitrary file upload vulnerability due to client-side validation of file extensions. This can be used to upload executable code to the server to obtain access or RCE. description: Simple Employee Records System 1.0 contains an arbitrary file upload vulnerability due to client-side validation of file extensions. This can be used to upload executable code to the server to obtain access or perform remote command execution.
reference: reference:
- https://www.exploit-db.com/exploits/49596 - https://www.exploit-db.com/exploits/49596
- https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34 - https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34
@ -54,4 +54,4 @@ requests:
condition: and condition: and
part: body part: body
# Enhanced by mp on 2022/06/10 # Enhanced by mp on 2022/06/17