Enviar #603640: SourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Uploadinformación

TítuloSourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Upload
DescripciónDuring the security assessment of the 'Simple Company Website with an Admin Panel' application, a critical arbitrary file upload vulnerability was discovered in the /classes/Content.php file. Due to the lack of input validation, unauthenticated users can send specially crafted HTTP requests to upload malicious scripts. These scripts are then accessible and executable via a web browser, enabling the attacker to fully compromise the server environment.
Fuente⚠️ https://github.com/ez-lbz/poc/issues/26
Usuario meraklbz (UID 87053)
Sumisión2025-06-25 07:19 (hace 1 Año)
Moderación2025-06-28 13:01 (3 days later)
EstadoAceptado
Entrada de VulDB314342 [SourceCodester Simple Company Website 1.0 Content.php?f=service img escalada de privilegios]
Puntos20

Interested in the pricing of exploits?

See the underground prices here!