Description
osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload.