Enviar #673424: Bdtask Flight Booking Software B2B Portal v3.1 Unrestricted File Uploadinformación

TítuloBdtask Flight Booking Software B2B Portal v3.1 Unrestricted File Upload
DescripciónThe application's 'Deposit' feature within the B2B portal's transaction module allows authenticated users to upload files. The file upload functionality does not properly validate file types, allowing for the upload of PHP web shells. An authenticated attacker can upload a malicious script and then access it to execute arbitrary commands on the server.
Fuente⚠️ https://github.com/4m3rr0r/PoCVulDb/blob/main/README11.md
Usuario
 4m3rr0r (UID 85795)
Sumisión2025-10-11 14:45 (hace 8 meses)
Moderación2025-10-25 18:21 (14 days later)
EstadoAceptado
Entrada de VulDB329892 [Bdtask Flight Booking Software hasta 3.1 Deposit deposit escalada de privilegios]
Puntos18

AnteriorVisión De ConjuntoPróximo

Interested in the pricing of exploits?

See the underground prices here!