| عنوان | github//HFO4/ shudong-share 2.4.7 Arbitrary File Upload |
|---|
| الوصف | The reason for the vulnerability of arbitrary file upload is that the website application allows users to add any type of upload file extension in the management background, bypassing the whitelist restriction code. In addition, the fileReceiver. php code also performs a second blacklist check but can be bypassed using uppercase Php, resulting in arbitrary file upload. |
|---|
| المصدر | ⚠️ https://github.com/enjoyworld/webray.com.cn/blob/main/cves/shudong-share%20Any%20File%20Upload.md |
|---|
| المستخدم | xmg404 (UID 74197) |
|---|
| ارسال | 29/08/2024 03:54 AM (2 سنوات منذ) |
|---|
| الاعتدال | 30/08/2024 09:10 AM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 276217 [HFO4 shudong-share 2.4.7 File Extension fileReceive.php ملف تجاوز الصلاحيات] |
|---|
| النقاط | 18 |
|---|