CVE-2020-10225: Malicious File Upload
First published: Sun Mar 08 2020(Updated: )
An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHPGurukul Job Portal | =1.0 | |
| Phpgurukul Phpgurukul Job Portal | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-10225?
CVE-2020-10225 is an unauthenticated file upload vulnerability in PHPGurukul Job Portal 1.0, which allows an unauthenticated remote attacker to upload content to the server, potentially resulting in command execution.
Who is affected by CVE-2020-10225?
Users of PHPGurukul Job Portal 1.0 are affected by this vulnerability.
How severe is CVE-2020-10225?
CVE-2020-10225 has a severity rating of 9.8, indicating it is critical.
How can CVE-2020-10225 be exploited?
An unauthenticated remote attacker can exploit CVE-2020-10225 by uploading content to the server, including PHP files, which may lead to command execution.
Is there a fix for CVE-2020-10225?
At the moment, there is no known fix for CVE-2020-10225. It is recommended to update to a patched version or apply any available security patches provided by the vendor.
- collector/nvd-index
- collector/nvd-api
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/phpgurukul
- canonical/phpgurukul phpgurukul job portal
- version/phpgurukul phpgurukul job portal/1.0
- canonical/phpgurukul job portal
- version/phpgurukul job portal/1.0