A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.Referenceshttp://sourcecodester.comhttps://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.ziphttps://www.exploit-db.com/exploits/50801
