Submit #276044: Whatsns Whatsns <=6.0.3 Deserialization

Title: Whatsns Whatsns <=6.0.3 Deserialization
Description: This vulnerability is present in the application/controllers/User.php file of the Whatsns software (versions ≤6.0.3). The vulnerability arises from the 'addxinzhi' function, which accepts an 'outimgurl' parameter that is passed to file_exists, allowing an attacker to control the prefix of the file path. This can be manipulated to set the prefix to 'phar://' and trigger a file deserialization. Through a crafted phar file, the attacker can cause remote code execution (RCE) on the server.
Source: https://note.zhaoj.in/share/qFXZZfp1NLa3
User: glzjin (UID 59815)
Submission: 01.02.2024 07:54 (2 years ago)
Moderation: 02.02.2024 08:57 (1 day later)
Status: Accepted
VulDB Entry: 252696 [openBI up to 6.0.3 Phar User.php addxinzhi outimgurl privilege escalation]
Points: 20

