Invia #275593: OpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creationinformazioni

TitoloOpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation
DescrizioneThe OpenBI software, specifically in file /application/index/controller/Screen.php, has a Pre-Authentication Arbitrary File Creation vulnerability. This flaw allows an attacker to create a zip file with arbitrary PHP code, which can be executed when accessed. This essentially leads to Remote Code Execution (RCE). The vulnerability has been confirmed in versions up to and including 1.0.8.
Fonte⚠️ https://note.zhaoj.in/share/Liu1nbjddxu4
Utente
 glzjin (UID 59815)
Sottomissione31/01/2024 07:55 (2 anni fa)
Moderazione31/01/2024 14:10 (6 hours later)
StatoAccettato
Voce VulDB252475 [openBI fino a 1.0.8 Screen.php index fileurl escalationi di privilegi]
Punti19

Do you want to use VulDB in your project?

Use the official API to access entries easily!