Submission #276044: Whatsns Whatsns <=6.0.3 Deserialization: information

Title: Whatsns Whatsns <=6.0.3 Deserialization
Description: This vulnerability is present in the application/controllers/User.php file of the Whatsns software (versions ≤6.0.3). The vulnerability arises from the 'addxinzhi' function, which accepts an 'outimgurl' parameter that is passed to file_exists, allowing an attacker to control the prefix of the file path. This can be manipulated to set the prefix to 'phar://' and trigger a file deserialization. Through a crafted phar file, the attacker can cause remote code execution (RCE) on the server.
Source: https://note.zhaoj.in/share/qFXZZfp1NLa3
User: glzjin (UID 59815)
Submission: 01/02/2024 07:54 (2 years ago)
Moderation: 02/02/2024 08:57 (1 day later)
Status: Accepted
VulDB entry: 252696 [openBI up to 6.0.3 Phar User.php addxinzhi outimgurl privilege escalation]
Points: 20
