Soumettre #275593: OpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creationinformation

TitreOpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation
DescriptionThe OpenBI software, specifically in file /application/index/controller/Screen.php, has a Pre-Authentication Arbitrary File Creation vulnerability. This flaw allows an attacker to create a zip file with arbitrary PHP code, which can be executed when accessed. This essentially leads to Remote Code Execution (RCE). The vulnerability has been confirmed in versions up to and including 1.0.8.
La source⚠️ https://note.zhaoj.in/share/Liu1nbjddxu4
Utilisateur
 glzjin (UID 59815)
Soumission31/01/2024 07:55 (il y a 2 ans)
Modérer31/01/2024 14:10 (6 hours later)
StatutAccepté
Entrée VulDB252475 [openBI jusqu’à 1.0.8 Screen.php index fileurl élévation de privilèges]
Points19

Want to stay up to date on a daily basis?

Enable the mail alert feature now!