إرسال #632535: YiFang CMS 2.0.5 Unrestricted Uploadالمعلومات

عنوانYiFang CMS 2.0.5 Unrestricted Upload
الوصفThe core code of the app/utils/base/plugin/P_file.php vulnerability is located in the mergeMultipartUpload() method in the above file. The uploaded file name is determined by the suffixes in md5value and name. Both of these are controllable, resulting in any file upload.
المصدر⚠️ https://github.com/August829/Yu/blob/main/20250811_3.md
المستخدم
 Yu Bao (UID 88956)
ارسال12/08/2025 03:46 PM (11 أشهر منذ)
الاعتدال24/08/2025 04:47 PM (12 days later)
الحالةتمت الموافقة
إدخال VulDB321236 [YiFang CMS حتى 2.0.5 P_file.php mergeMultipartUpload ملف تجاوز الصلاحيات]
النقاط18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!