जमा करें #456458: code-projects online-notice-board-using-php 1.0 Unrestricted Uploadजानकारी

शीर्षक	code-projects online-notice-board-using-php 1.0 Unrestricted Upload
विवरण	Attacker can upload malicious file when registering through the profile picture upload. The uploaded profile picture is in no restrictions and will be stored in /images/{USER-EMAIL}/{UPLOAD_FILENAME} Hackers can upload .php file such as and visit /images/{USER-EMAIL}/malicious_php_file.php?1={ANY COMMAND HERE} to execute any command.
स्रोत	⚠️ https://github.com/LamentXU123/cve/blob/main/RCE1.md
उपयोगकर्ता	LamentXU (UID 78142)
सबमिशन	04/12/2024 06:27 AM (2 साल पहले)
संयम	05/12/2024 09:48 AM (1 day later)
स्थिति	स्वीकृत
VulDB प्रविष्टि	286979 [code-projects Online Notice Board तक 1.0 Profile Picture /registration.php img अधिकार वृद्धि]
अंक	19

Interested in the pricing of exploits?

See the underground prices here!