| عنوان | JPShop JPShop <=1.5.02 Arbitrary File Upload |
|---|
| الوصف | The JPShop application, specifically in versions up to and including 1.5.02, has been identified to contain an Arbitrary File Upload vulnerability within the AppController.php file located in the /api/controllers/admin/app/ directory. This vulnerability arises from the actionIndex function, which improperly handles user-supplied input in the app_pic_url parameter. Attackers can exploit this flaw by encoding malicious files in Base64 and submitting them through a POST request, which the application then decodes and saves without adequate validation. Consequently, this can lead to the execution of arbitrary code by navigating to the uploaded file using another endpoint that reveals the filename. |
|---|
| المصدر | ⚠️ https://note.zhaoj.in/share/rCt6PpJxBvuI |
|---|
| المستخدم | glzjin (UID 59815) |
|---|
| ارسال | 04/02/2024 08:45 AM (2 سنوات منذ) |
|---|
| الاعتدال | 06/02/2024 09:29 AM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 252998 [Juanpao JPShop حتى 1.5.02 API AppController.php app_pic_url تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|