Submission #624817: Campcodes Online Hotel Reservation System V1.0 Unrestricted Upload

Information

Title: Campcodes Online Hotel Reservation System V1.0 Unrestricted Upload
Description

Root Cause: Online Hotel Reservation System. After logging in, uploading an image on the room type editing page /admin/room.php calls the /admin/edit_room.php file. After the form is submitted, the uploaded file is processed by the edit_query_room.php script. The upload applies no file restrictions or filters, resulting in an unrestricted file upload vulnerability.

Impact: File upload vulnerabilities are extremely harmful. Attackers can upload malicious scripts (such as a WebShell) to directly control the server, view, tamper with or delete files, execute system commands, and even create administrator accounts. The server may become a "zombie" and be used for DDoS attacks, sending spam, etc. At the same time, the database is vulnerable to intrusion, sensitive information such as user privacy and commercial secrets may be stolen or tampered with, and website pages may be maliciously replaced, damaging the platform's reputation. In addition, the vulnerability may also become a springboard for attacking other systems, triggering chain security issues and posing multi-dimensional threats to servers, data and users. Remote attackers can use this file upload function to deliver malicious payloads, causing unrestricted file uploads and subsequently leading to remote code execution (RCE).
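The defect described above is the absence of any check on the uploaded room photo before it is written to disk. The following is an added example of how such an upload handler can be hardened; it is not code from the Campcodes project, and the field name `photo`, the upload directory and the 2 MiB size cap are assumptions.

```php
<?php
// Added example, not the project's own code: a hardened replacement for an
// image-upload step such as the one in edit_query_room.php. Assumes the form
// field is named "photo" and that UPLOAD_DIR is served without script
// execution (e.g. outside the web root or with PHP disabled for that path).

const UPLOAD_DIR = __DIR__ . '/../uploads/rooms';   // assumed location
const MAX_BYTES  = 2 * 1024 * 1024;                   // assumed 2 MiB cap
const ALLOWED    = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

function store_room_photo(array $file): string
{
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    // Decide the type from the file content, never from the client-supplied
    // filename or the MIME type sent in the request.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!array_key_exists($mime, ALLOWED)) {
        throw new RuntimeException('unsupported image type');
    }
    // Second content check: getimagesize() fails on data that is not an image.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not a valid image');
    }
    // Server-chosen name with a server-chosen extension: no user input reaches
    // the path, so no traversal, no double extensions, no .php names.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    $dest = UPLOAD_DIR . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644);   // readable by the web server, never executable
    return $name;         // store only this name in the rooms table
}

// Usage inside the edit handler (field name assumed):
// $stored = store_room_photo($_FILES['photo']);
```

Rejecting the request when any check fails, rather than falling back to the client's filename, is what closes the hole the advisory describes.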
Source: https://github.com/XiaoJiesecqwq/sql/issues/2
User: Anonymous User
Submitted: 29/07/2025 15:22 (11 months ago)
Moderated: 30/07/2025 19:54 (1 day later)
Status: Accepted
VulDB Entry: 318357 [Campcodes Online Hotel Reservation System 1.0 /admin/edit_room.php photo privilege escalation]
Points: 20