Invia #566596: kkFileView 4.4.0 Arbitrary File Writinginformazioni

TitolokkFileView 4.4.0 Arbitrary File Writing
DescrizioneUser can upload a compressed file which includes arbitrary kind of file types, when they preview the compressed file, it will be decompressed automatically without any check, so some dangerous file like .jsp .exe, etc. will be saved in the server.
Fonte⚠️ https://magnificent-dill-351.notion.site/Arbitrary-File-Upload-in-kkFileView-4-4-0-1e3c693918ed802581faccab9140a130
Utente
 s0l42 (UID 82389)
Sottomissione28/04/2025 11:58 (1 Anno fa)
Moderazione10/05/2025 14:58 (12 days later)
StatoAccettato
Voce VulDB308283 [kkFileView 4.4.0 /fileUpload File escalationi di privilegi]
Punti13

PrecedenteVisione D'ensembleIl prossimo

Might our Artificial Intelligence support you?

Check our Alexa App!