Soumettre #374047: Nanjing Xingyuantu Technology firms SparkShop Mall System <=1.1.6 Unrestricted Uploadinformation

TitreNanjing Xingyuantu Technology firms SparkShop Mall System <=1.1.6 Unrestricted Upload
Description vulnerability categorised as critical has been discovered in SparkShop (Spark Mall) B2C Mall. This affects sections of the unauthorised interface file app/api/controller/Common.php. Manipulation of the parameter file results in arbitrary file uploads
La source⚠️ https://github.com/J1rrY-learn/learn/blob/main/sparkshop_upload.md
Utilisateur
 J1rrY (UID 64327)
Soumission13/07/2024 06:29 (il y a 2 ans)
Modérer13/07/2024 07:40 (1 hour later)
StatutAccepté
Entrée VulDB271403 [Nanjing Xingyuantu Technology SparkShop jusqu’à 1.1.6 /api/Common/uploadFile Fichier élévation de privilèges]
Points17

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!