| Titel | itsourcecode Laravel Property Management System v1.0 FileUpload |
|---|
| Beschreibung | In the PropertiesController.php controller, the upload method is used to upload images. However, since the image detection rules in the UpdatePropertiesRequest class can be bypassed, attackers can directly upload Webshell files. |
|---|
| Quelle | ⚠️ https://github.com/DeepMountains/zzz/blob/main/CVE2-1.md |
|---|
| Benutzer | wanglun (UID 73616) |
|---|
| Einreichung | 18.08.2024 09:55 (vor 2 Jahren) |
|---|
| Moderieren | 19.08.2024 17:10 (1 day later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 275135 [itsourcecode Laravel Property Management System 1.0 PropertiesController.php upload Datei erweiterte Rechte] |
|---|
| Punkte | 16 |
|---|