Primary

Context

Gotac Police Statistics Database System Arbitrary File Upload Vulnerability Allowing Web Shell Execution

Vulnerability

A vulnerability allowing arbitrary file upload has been identified in the Police Statistics Database System developed by Gotac. This issue allows unauthenticated remote attackers to upload and execute web shell backdoors, enabling arbitrary code execution on the server. The vulnerability affects Police Statistics Database System versions through 1.0.2.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the server where the application is running.

Remediation

Users are advised to update to version 1.0.3 or later.

Added: Jan 16, 2026, 3:21 AM

Updated: Jan 16, 2026, 3:21 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

2.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Gotac Police Statistics Database System Arbitrary File Upload Vulnerability Allowing Web Shell Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating