CVE-2021-45835

Published: Mar 18, 2022Modified: Jun 17, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code or lead to code execution.

Affected (1)

Products: Online Admission System Project: Online Admissions System

Online Admission System Project

1 product

Online Admissions System

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Online Admission System Project Online Admissions System	Version 1.0

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (6)

https://github.com/rskoolrash/Online-Admission-System

Source: cve@mitre.org

Third Party Advisory

https://github.com/rskoolrash/Online-Admission-System/issues/2

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://www.exploit-db.com/exploits/50623

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

https://github.com/rskoolrash/Online-Admission-System

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/rskoolrash/Online-Admission-System/issues/2

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://www.exploit-db.com/exploits/50623

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.