提出 #275593: OpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation情報

タイトルOpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation
説明The OpenBI software, specifically in file /application/index/controller/Screen.php, has a Pre-Authentication Arbitrary File Creation vulnerability. This flaw allows an attacker to create a zip file with arbitrary PHP code, which can be executed when accessed. This essentially leads to Remote Code Execution (RCE). The vulnerability has been confirmed in versions up to and including 1.0.8.
ソース⚠️ https://note.zhaoj.in/share/Liu1nbjddxu4
ユーザー
 glzjin (UID 59815)
送信2024年01月31日 07:55 (2 年 ago)
モデレーション2024年01月31日 14:10 (6 hours later)
ステータス承諾済み
VulDBエントリ252475 [openBI 迄 1.0.8 Screen.php index fileurl 特権昇格]
ポイント19

Do you need the next level of professionalism?

Upgrade your account now!