| शीर्षक | YiFang CMS 2.0.5 Unrestricted Upload |
|---|
| विवरण | The core code of the app/utils/base/plugin/P_file.php vulnerability is located in the mergeMultipartUpload() method in the above file. The uploaded file name is determined by the suffixes in md5value and name. Both of these are controllable, resulting in any file upload. |
|---|
| स्रोत | ⚠️ https://github.com/August829/Yu/blob/main/20250811_3.md |
|---|
| उपयोगकर्ता | Yu Bao (UID 88956) |
|---|
| सबमिशन | 12/08/2025 03:46 PM (11 महीनों पहले) |
|---|
| संयम | 24/08/2025 04:47 PM (12 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 321236 [YiFang CMS तक 2.0.5 P_file.php mergeMultipartUpload Arquivo अधिकार वृद्धि] |
|---|
| अंक | 18 |
|---|