Home

Description

A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os command injection. The attack can be executed remotely. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The code repository of the project has not been active for many years.

PUBLISHED Reserved 2026-02-07 | Published 2026-02-08 | Updated 2026-02-08 | Assigner VulDB




MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X
HIGH: 7.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R
HIGH: 7.3CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:R
7.5AV:N/AC:L/Au:N/C:P/I:P/A:P/E:ND/RL:ND/RC:UR

Problem types

OS Command Injection

Command Injection

Product status

97171bb0e5e22e52eacf4e4fa81773e5f3cffb73
affected

Timeline

2026-02-07:Advisory disclosed
2026-02-07:VulDB entry created
2026-02-07:VulDB entry last update

Credits

lakshay12311 (VulDB User) reporter

References

vuldb.com/?id.344887 (VDB-344887 | Great Developers Certificate Generation System csv.php os command injection) vdb-entry technical-description

vuldb.com/?ctiid.344887 (VDB-344887 | CTI Indicators (IOB, IOC, TTP, IOA)) signature permissions-required

vuldb.com/?submit.749714 (Submit #749714 | Great Developers Certificate Generator System 1.0 Improper Neutralization of Special Elements) third-party-advisory

github.com/...yverma/CVE-Discovery/blob/main/Certificate2.md related

cve.org (CVE-2026-2184)

nvd.nist.gov (CVE-2026-2184)

Download JSON