إرسال #603640: SourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Uploadالمعلومات

عنوانSourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Upload
الوصفDuring the security assessment of the 'Simple Company Website with an Admin Panel' application, a critical arbitrary file upload vulnerability was discovered in the /classes/Content.php file. Due to the lack of input validation, unauthenticated users can send specially crafted HTTP requests to upload malicious scripts. These scripts are then accessible and executable via a web browser, enabling the attacker to fully compromise the server environment.
المصدر⚠️ https://github.com/ez-lbz/poc/issues/26
المستخدم meraklbz (UID 87053)
ارسال25/06/2025 07:19 AM (1 سنة منذ)
الاعتدال28/06/2025 01:01 PM (3 days later)
الحالةتمت الموافقة
إدخال VulDB314342 [SourceCodester Simple Company Website 1.0 Content.php?f=service img تجاوز الصلاحيات]
النقاط20

Might our Artificial Intelligence support you?

Check our Alexa App!