CVE-2017-15957
published 2017-10-29

CVE-2017-15957: my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file.

Priority: P2 (62, high)
CVSS 3.0 base score: 8.8
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploit: yes
EPSS: 3.95% (89.1th percentile)

Affected (1 range)

Vendor: ingenious_school_management_system_project
Product: ingenious_school_management_system
Version range: (not given)
Fixed in: (not given)

Detection & IOCs (extracted from sources)

path: my_profile.php
path: uploads/
  • Monitor for unexpected file types (e.g., .php, .jsp, .asp webshells) uploaded via POST requests to my_profile.php or view/teacher_profile2.php by authenticated student or teacher roles.
  • Alert on HTTP GET/POST requests accessing files under the /uploads/ directory that have executable extensions (e.g., .php), which may indicate post-exploitation webshell access.
  • my_profile.php in Ingenious School Management System 2.3.0 is the vulnerable endpoint; flag any multipart/form-data file upload requests to this endpoint.
  • The exploit path uses [PATH] as a placeholder; the actual installation subdirectory will vary per deployment. Detections should use wildcard/regex matching for the path prefix.
  • The uploaded filename is not fixed ([FILE] placeholder); defenders cannot rely on a static filename IOC and must instead monitor the uploads/ directory for newly created files with executable extensions.

CVSS provenance

NVD v3.0: 8.8 HIGH, CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
NVD v2.0: 6.5 MEDIUM, AV:N/AC:L/Au:S/C:P/I:P/A:P