CVE-2020-10225

EUVD-2020-2683
An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
phpgurukuljob_portal
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://tib3rius.com/cves.html
https://www.exploit-db.com/exploits/47881
https://tib3rius.com/cves.html
https://www.exploit-db.com/exploits/47881