Security Advisory

CVE-2019-13294

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-04 22:09:54

Last updated 2024-08-04 23:49:24

Assigner mitre

State PUBLISHED

Description

AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system.

← Browse all CVEs View on cve.org ↗