PHPGurukul Pre-School Enrollment System Directory Traversal Vulnerability in manage-teachers.php

Vulnerability

A directory traversal vulnerability has been identified in PHPGurukul Pre-School Enrollment System version 1.0, specifically within the manage-teachers.php file. This vulnerability allows remote attackers to traverse directories and delete files on the server.

Impact

Exploitation of this vulnerability allows for unauthorized directory traversal, enabling attackers to access and delete files on the server.

Reproduction

To reproduce this vulnerability, log into the system's backend management. Navigate to the manage-teachers.php page and locate the 'manage-teachers-delete' function. Intercept the request and modify the 'profilepic' parameter to include a directory traversal payload, such as '../../../../../aaa.txt'. Send the request, and the server will delete the file the payload points to.

Remediation

Users are advised to update to a version that includes proper path validation and filtering to prevent directory traversal. Regular expressions can be employed to restrict path formats.
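
One way to implement the path validation and regular-expression filtering described above, as an added example that is not code from the PHPGurukul project. The function names, the flat upload directory layout and the allowed extensions are assumptions; the demo files are constructed.

```php
<?php
// Added example; function names, directory layout and extensions are assumptions.

/** Return the canonical path of a picture inside $uploadDir, or null if invalid. */
function resolveProfilePic(string $uploadDir, string $profilepic): ?string
{
    // 1. Allow-list the name format: a bare filename, no separators, no leading
    //    dot, and only the image extensions the application expects.
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9_.-]{0,100}\.(?:jpe?g|png|gif)\z/i', $profilepic)) {
        return null;
    }
    // 2. Canonicalise and require the file to sit directly in the upload
    //    directory; realpath() resolves ".." and symlinks, so a link pointing
    //    outside the directory fails this check too.
    $base = realpath($uploadDir);
    $target = $base === false ? false : realpath($base . DIRECTORY_SEPARATOR . $profilepic);
    if ($target === false || !is_file($target) || dirname($target) !== $base) {
        return null;
    }
    return $target;
}

function deleteProfilePic(string $uploadDir, string $profilepic): bool
{
    $path = resolveProfilePic($uploadDir, $profilepic);
    return $path !== null && unlink($path);
}

// Constructed demo: a temporary upload directory and a file outside it.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'demo_' . bin2hex(random_bytes(4));
$uploads = $root . DIRECTORY_SEPARATOR . 'teacherpics';
mkdir($uploads, 0700, true);
file_put_contents($uploads . '/t1.png', 'img');
file_put_contents($root . '/aaa.txt', 'must survive');

foreach (['../aaa.txt', '../../../../../aaa.txt', 't1.png/../../aaa.txt', '.htaccess', 't1.png'] as $input) {
    printf("%-26s => %s\n", $input, deleteProfilePic($uploads, $input) ? 'deleted' : 'rejected');
}
var_dump(file_exists($root . '/aaa.txt')); // reports whether the outside file still exists

// Remove the constructed demo files.
unlink($root . '/aaa.txt');
rmdir($uploads);
rmdir($root);
```

The regular expression alone rejects every input containing a path separator; the realpath() containment check is a second layer that still holds if the pattern is later loosened.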

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 1.0
exploitability: 6.8
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.