Security Advisory

CVE-2023-50760

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-04 14:24:34
Last updated 2024-08-26 18:39:38
Assigner Fluid Attacks
State PUBLISHED

Description

Online Notice Board System v1.0 is vulnerable to an Insecure File Upload vulnerability on the f parameter of user/update_profile_pic.php page, allowing an authenticated attacker to obtain Remote Code Execution on the server hosting the application.