CVE-2020-28130

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to upload arbitrary PHP files to the Online Library Management System, leading to remote code execution. It affects SourceCodester Online Library Management System 1.0 installations with the vulnerable upload component accessible. Attackers can gain full control of affected systems.

💻 Affected Systems

Products:
  • SourceCodester Online Library Management System
Versions: 1.0
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the upload image component to be accessible, typically via admin interface.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise, data theft, ransomware deployment, and lateral movement within the network.

🟠 Likely Case: Web server compromise, defacement, data exfiltration, and backdoor installation.

🟢 If Mitigated: Limited impact with proper file upload validation and web server hardening.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires admin access to upload component. Public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider replacing with alternative software or implementing workarounds.

🔧 Temporary Workarounds

Restrict file upload extensions (applies to: all)

Modify upload validation to reject .php files and other executable extensions. Edit admin/borrower/index.php to add file extension validation.

Move upload directory outside web root (applies to: all)

Relocate the upload directory to prevent direct execution of uploaded files. Move the admin/borrower/photos directory outside the web root and update file paths.
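The two workarounds above amount to one hardened upload handler: check the filename against an allowlist of image extensions (rejecting any executable extension anywhere in the name), confirm the file body matches the declared type, and store the result under a server-chosen name in a directory the web server does not serve. The following is an added example in Python that is not the project's PHP code and not part of the advisory; the extension lists, the magic-byte table and the `olms_uploads_demo` storage directory (a stand-in for a real directory outside the web root) are assumptions chosen for the example.

```python
"""Hardened image-upload validation (added example, not project code).

Models the two advisory workarounds: reject executable extensions and keep
uploads outside the web root under a name the client does not control.
"""
import os
import secrets
import tempfile
from typing import Optional, Tuple

# Allowlist of image extensions the endpoint accepts. An allowlist is safer
# than a denylist of executable extensions, which is easy to leave incomplete.
ALLOWED_EXT = {"jpg", "jpeg", "png", "gif"}

# Leading bytes each allowed format must start with. The body has to match
# the extension, so a script renamed to .jpg is rejected.
MAGIC = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
}

# Extensions a PHP-enabled web server may hand to an interpreter (assumed
# list). Any of them anywhere in the name, e.g. photo.php.jpg, is rejected,
# since some server configurations act on an inner extension.
EXECUTABLE_EXT = {
    "php", "php3", "php4", "php5", "php7", "php8", "phtml", "phar",
    "cgi", "pl", "py", "sh", "htaccess",
}

# Stand-in for a storage directory outside the web root (assumption for the
# example; a real deployment would configure this path explicitly).
DEFAULT_STORAGE_DIR = os.path.join(tempfile.gettempdir(), "olms_uploads_demo")


def validate_upload(filename: str, content: bytes) -> Tuple[bool, str]:
    """Return (True, extension) for a plausible image, else (False, reason)."""
    # Strip any directory components the client sent, including backslashes.
    base = os.path.basename(filename.replace("\\", "/")).lower()
    parts = base.split(".")
    if len(parts) < 2 or not parts[0] or not parts[-1]:
        return False, "missing or empty extension"
    exts = parts[1:]
    if any(e in EXECUTABLE_EXT for e in exts):
        return False, "executable extension in filename"
    ext = exts[-1]
    if ext not in ALLOWED_EXT:
        return False, "extension not in allowlist"
    if not content.startswith(MAGIC[ext]):
        return False, "content does not match declared image type"
    return True, ext


def store_upload(filename: str, content: bytes,
                 storage_dir: str = DEFAULT_STORAGE_DIR) -> Optional[str]:
    """Validate, then write the file under a random server-chosen name.

    storage_dir should live outside the web root (second workaround), so even
    a file that slipped past validation could not be requested over HTTP.
    Returns the stored path, or None if the upload was rejected.
    """
    ok, ext = validate_upload(filename, content)
    if not ok:
        return None
    os.makedirs(storage_dir, exist_ok=True)
    path = os.path.join(storage_dir, f"{secrets.token_hex(16)}.{ext}")
    # "xb": fail rather than overwrite if the random name ever collides.
    with open(path, "xb") as fh:
        fh.write(content)
    return path


if __name__ == "__main__":
    # Constructed sample bodies: a real PNG header and a PHP tag behind a .jpg name.
    print(validate_upload("avatar.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 8))
    print(validate_upload("avatar.php.jpg", b"\xff\xd8\xff\xe0"))
    print(validate_upload("avatar.jpg", b"<?php echo 1; ?>"))
```

Serving a stored image then goes through a PHP script that reads the file by its random name and sends it with an image Content-Type, rather than through a direct URL into the photos directory.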

🧯 If You Can't Patch

  • Disable the upload image component entirely
  • Implement web application firewall rules to block .php file uploads

🔍 How to Verify

Check if Vulnerable:

Attempt to upload a .php file via the admin/borrower/index.php?view=add interface and check whether it is saved to admin/borrower/photos/.

Check Version:

Check system version in admin panel or readme files

Verify Fix Applied:

Test that .php files are rejected during upload and cannot be executed from upload directory.

📡 Detection & Monitoring

Log Indicators:

  • Unusual .php file uploads in web server logs
  • Access to admin/borrower/photos/*.php

Network Indicators:

  • POST requests to upload endpoints with .php files
  • Unexpected outbound connections from web server

SIEM Query:

source="web_server" AND (uri="/admin/borrower/index.php" AND method="POST" AND file_extension=".php")
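The log and network indicators above can be checked without a SIEM: a web server access log shows requests for PHP files under the upload directory and POSTs to the upload endpoint, and the upload directory itself can be scanned for files whose content is not an image. The following is an added example in Python, not part of the advisory or the project; the endpoint and directory paths come from the advisory, while the log lines, file names and file bodies are constructed sample data, and the combined log format is assumed.

```python
"""Detection helpers for this advisory (added example, not from the page).

scan_access_log: flag requests for executable files under the upload
directory and POSTs to the upload endpoint in combined-format access logs.
scan_upload_dir: flag files in the upload directory that are not images.
"""
import os
import re
import tempfile
from typing import Dict, List

UPLOAD_URI_PREFIX = "/admin/borrower/photos/"   # upload directory from the advisory
UPLOAD_ENDPOINT = "/admin/borrower/index.php"   # upload handler from the advisory

# Executable extensions, matched anywhere in the path (x.php, x.php.jpg, x.PHTML).
EXEC_EXT = re.compile(r"\.(php\d?|phtml|phar)(\.|$)", re.IGNORECASE)

# Apache/nginx combined log format (assumed): ip ident user [ts] "METHOD URI PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Leading bytes of the image formats the photos directory should contain.
IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF8")

# Constructed sample log lines (RFC 5737 documentation addresses).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Nov/2020:14:02:11 +0000] "POST /admin/borrower/index.php?view=add HTTP/1.1" 302 245 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Nov/2020:14:02:19 +0000] "GET /admin/borrower/photos/avatar.php HTTP/1.1" 200 1203 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Nov/2020:14:05:00 +0000] "GET /admin/borrower/photos/1001.jpg HTTP/1.1" 200 48211 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Nov/2020:14:05:03 +0000] "GET /admin/borrower/index.php?view=add HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]


def scan_access_log(lines: List[str]) -> List[Dict[str, str]]:
    """Return one finding per suspicious request, in log order."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        path = m["uri"].split("?", 1)[0]
        if path.startswith(UPLOAD_URI_PREFIX) and EXEC_EXT.search(path):
            kind = "webshell_access"      # executable file requested from upload dir
        elif path == UPLOAD_ENDPOINT and m["method"] == "POST":
            kind = "upload_post"          # write to the upload handler
        else:
            continue
        findings.append({"type": kind, "ip": m["ip"], "ts": m["ts"],
                         "uri": m["uri"], "status": m["status"]})
    return findings


def scan_upload_dir(directory: str) -> List[str]:
    """Return names of files that have an executable extension or whose
    first bytes are not a known image signature."""
    suspicious = []
    for entry in sorted(os.listdir(directory)):
        full = os.path.join(directory, entry)
        if not os.path.isfile(full):
            continue
        with open(full, "rb") as fh:
            head = fh.read(16)
        if EXEC_EXT.search(entry) or not head.startswith(IMAGE_MAGIC):
            suspicious.append(entry)
    return suspicious


def build_sample_upload_dir() -> str:
    """Create a temporary directory with constructed files standing in for
    admin/borrower/photos: two real image headers, one PHP file, and one PHP
    body hidden behind a .jpg name."""
    d = tempfile.mkdtemp(prefix="olms_photos_")
    samples = {
        "1001.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF",
        "1002.png": b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR",
        "avatar.php": b"<?php // constructed non-image content ?>",
        "1003.jpg": b"<?php // constructed non-image content ?>",
    }
    for name, body in samples.items():
        with open(os.path.join(d, name), "wb") as fh:
            fh.write(body)
    return d


if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print(f)
    print(scan_upload_dir(build_sample_upload_dir()))
```

A POST to the upload endpoint is expected from legitimate administrators, so on its own it is a weak signal; the same client IP issuing an upload POST followed shortly by a request for a .php file under the photos directory is the sequence worth alerting on, and the directory scan catches uploads that were stored but never yet requested.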
