← Back

Online Course Registration

online_course_registration

Vendor: Online Course Registration Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-36064
1Online Course Registration Project
1Online Course Registration
Nov 21, 2024
Jan 31, 2022
N/A· v4
9.8 CRITICAL· v3
5.0 MEDIUM· v2
Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised.
CVE-2020-23828
1Online Course Registration Project
1Online Course Registration
Jun 17, 2026
Sep 15, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the...Show more
A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters. An attack uses /Online%20Course%20Registration/my-profile.php with the POST parameter photo.Show less