CyberSec.Space Logo
Back to CVE Browser

CVE-2017-15957

HIGH
8.8
CVSS Severity Score
EPSS Score0.0880%
EPSS Percentile13.01th
PublishedOct 29, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.

Affected Platforms (CPE)

πŸ“¦
Ingenious School Management System Project

Ingenious School Management System

= 2.3.0

References & Advisories

πŸ”— https://packetstormsecurity.com/files/144431/Ingenious-School-Management-System-2.3.0-Arbitrary-File-Upload.html
πŸ”— https://www.exploit-db.com/exploits/43102/
πŸ”— https://packetstormsecurity.com/files/144431/Ingenious-School-Management-System-2.3.0-Arbitrary-File-Upload.html
πŸ”— https://www.exploit-db.com/exploits/43102/

Related Vulnerabilities

CVE-2017-165619.8

/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection i...

CVE-2017-278510.0

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially cra...

CVE-2017-278810.0

A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet ...

CVE-2017-522610.0

When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioc...