Invia #632535: YiFang CMS 2.0.5 Unrestricted Uploadinformazioni

TitoloYiFang CMS 2.0.5 Unrestricted Upload
DescrizioneThe core code of the app/utils/base/plugin/P_file.php vulnerability is located in the mergeMultipartUpload() method in the above file. The uploaded file name is determined by the suffixes in md5value and name. Both of these are controllable, resulting in any file upload.
Fonte⚠️ https://github.com/August829/Yu/blob/main/20250811_3.md
Utente
 Yu Bao (UID 88956)
Sottomissione12/08/2025 15:46 (11 mesi fa)
Moderazione24/08/2025 16:47 (12 days later)
StatoAccettato
Voce VulDB321236 [YiFang CMS fino a 2.0.5 P_file.php mergeMultipartUpload File escalationi di privilegi]
Punti18

Do you need the next level of professionalism?

Upgrade your account now!