Soumettre #512404: SHAHID AFRIDI ZIHAD E-commerce 1.0 Remote Code Executioninformation

TitreSHAHID AFRIDI ZIHAD E-commerce 1.0 Remote Code Execution
DescriptionRemote Code Execution via Unrestricted File Upload in /customer_register.php while uploading customer image. Title of the Vulnerability: E-commerce V 1.0 | customer image - /customer_register.php | Remote Code Execution| Found By Maloy Roy Orko Vulnerability Class: Remote Code Execution Via Unrestricted File Upload Product Name: E-commerce Vendor: https://github.com/s-a-zhd/ Vulnerable Product Link: https://github.com/s-a-zhd/Ecommerce-Website-using-PHP/ CVE : N/A CWE: 434 Technical Details & Description: The application source code is coded in a way which allows Unrestricted File Upload.It can lead into: Malware Distribution Remote Code Execution (RCE) Data Breach Denial of Service (DoS) Web Shell Installation Bypassing Security Controls Reputation Damage
La source⚠️ https://www.websecurityinsights.my.id/2025/03/e-commerce-v-10-customer-image.html?m=1
Utilisateur
 MaloyRoyOrko (UID 79572)
Soumission02/03/2025 17:23 (il y a 1 Année)
Modérer06/03/2025 10:19 (4 days later)
StatutAccepté
Entrée VulDB298778 [s-a-zhd Ecommerce-Website-using-PHP 1.0 /customer_register.php Nom élévation de privilèges]
Points20

PrécédentAperçuSuivant

Do you know our Splunk app?

Download it now for free!