إرسال #275593: OpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creationالمعلومات

عنوانOpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation
الوصفThe OpenBI software, specifically in file /application/index/controller/Screen.php, has a Pre-Authentication Arbitrary File Creation vulnerability. This flaw allows an attacker to create a zip file with arbitrary PHP code, which can be executed when accessed. This essentially leads to Remote Code Execution (RCE). The vulnerability has been confirmed in versions up to and including 1.0.8.
المصدر⚠️ https://note.zhaoj.in/share/Liu1nbjddxu4
المستخدم
 glzjin (UID 59815)
ارسال31/01/2024 07:55 AM (2 سنوات منذ)
الاعتدال31/01/2024 02:10 PM (6 hours later)
الحالةتمت الموافقة
إدخال VulDB252475 [openBI حتى 1.0.8 Screen.php index fileurl تجاوز الصلاحيات]
النقاط19

Want to know what is going to be exploited?

We predict KEV entries!