| عنوان | Bdtask Flight Booking Software B2B Portal v3.1 Unrestricted File Upload |
|---|
| الوصف | The application's 'Deposit' feature within the B2B portal's transaction module allows authenticated users to upload files. The file upload functionality does not properly validate file types, allowing for the upload of PHP web shells. An authenticated attacker can upload a malicious script and then access it to execute arbitrary commands on the server. |
|---|
| المصدر | ⚠️ https://github.com/4m3rr0r/PoCVulDb/blob/main/README11.md |
|---|
| المستخدم | 4m3rr0r (UID 85795) |
|---|
| ارسال | 11/10/2025 02:45 PM (8 أشهر منذ) |
|---|
| الاعتدال | 25/10/2025 06:21 PM (14 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 329892 [Bdtask Flight Booking Software حتى 3.1 Deposit deposit تجاوز الصلاحيات] |
|---|
| النقاط | 18 |
|---|