| Título | JPShop JPShop <=1.5.02 Arbitrary File Upload |
|---|
| Descripción | The JPShop application, specifically its version up to 1.5.02, contains an Arbitrary File Upload vulnerability within the ComboController.php file located in the /api/controllers/admin/app/ directory. This vulnerability arises due to the application's failure to properly validate user-supplied input for the pic_url parameter, which is processed by the actionIndex function. An attacker can exploit this flaw by encoding malicious content and sending a specially crafted PUT request to upload arbitrary files, including potentially executable scripts, to the server. Once uploaded, the attacker can then use another endpoint to retrieve the filename and subsequently access or execute the file on the server, leading to a potential compromise of the system. |
|---|
| Fuente | ⚠️ https://note.zhaoj.in/share/H73DuWdyifaI |
|---|
| Usuario | glzjin (UID 59815) |
|---|
| Sumisión | 2024-02-04 09:47 (hace 2 años) |
|---|
| Moderación | 2024-02-06 09:29 (2 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 252999 [Juanpao JPShop hasta 1.5.02 API ComboController.php actionIndex pic_url escalada de privilegios] |
|---|
| Puntos | 20 |
|---|