Command School Student Management System 1.06.01 does not properly restrict access to sw/backup/backup_ray2.php, which allows remote malicious users to download a database backup via a direct request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
doug poulin command school student management system 1.06.01 |