What the vulnerability does
01Description
Unrestricted Upload of File with Dangerous Type vulnerability in joy2012bd JP Students Result Management System Premium allows Upload a Web Shell to a Web Server. This issue affects JP Students Result Management System Premium: from 1.1.7 through n/a.
Explanation of Vulnerability in Simple Terms
02Summary
JP Students Result Management System Premium contains an unrestricted file upload vulnerability that allows attackers to upload malicious files to the server without authentication. The vulnerability affects versions 1.1.7 and requires only network access to exploit. Successful exploitation can lead to remote code execution, data theft, and site compromise.
What an attacker can do
03Attacker Capabilities
Upload and execute malicious files on the server without authentication.
Potential impact on your site
04Site Impact
Attackers can run arbitrary code, steal data, or take full control of the site and its database.
Conditions required to exploit
05Prerequisites
Network access to the vulnerable upload endpoint; no authentication or user interaction required.
Key dates
06Disclosure timeline
May 23, 2025
CVE published
April 28, 2026
Record updated