Soumettre #632535: YiFang CMS 2.0.5 Unrestricted Uploadinformation

TitreYiFang CMS 2.0.5 Unrestricted Upload
DescriptionThe core code of the app/utils/base/plugin/P_file.php vulnerability is located in the mergeMultipartUpload() method in the above file. The uploaded file name is determined by the suffixes in md5value and name. Both of these are controllable, resulting in any file upload.
La source⚠️ https://github.com/August829/Yu/blob/main/20250811_3.md
Utilisateur
 Yu Bao (UID 88956)
Soumission12/08/2025 15:46 (il y a 11 mois)
Modérer24/08/2025 16:47 (12 days later)
StatutAccepté
Entrée VulDB321236 [YiFang CMS jusqu’à 2.0.5 P_file.php mergeMultipartUpload Fichier élévation de privilèges]
Points18

Might our Artificial Intelligence support you?

Check our Alexa App!