Arbitrary File Upload Vulnerability in Sourcecodetester Printable Staff ID Card Creator System 1.0

Arbitrary File Upload Vulnerability in Sourcecodetester Printable Staff ID Card Creator System 1.0

CVE-2021-45411 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In Sourcecodetester Printable Staff ID Card Creator System 1.0 after compromising the database via SQLi, an attacker can log in and leverage an arbitrary file upload vulnerability to obtain remote code execution.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.