| タイトル | JPShop JPShop <=1.5.02 Arbitrary File Upload |
|---|
| 説明 | The JPShop application, specifically in versions up to and including 1.5.02, has been identified to contain an Arbitrary File Upload vulnerability within the AppController.php file located in the /api/controllers/admin/app/ directory. This vulnerability arises from the actionIndex function, which improperly handles user-supplied input in the app_pic_url parameter. Attackers can exploit this flaw by encoding malicious files in Base64 and submitting them through a POST request, which the application then decodes and saves without adequate validation. Consequently, this can lead to the execution of arbitrary code by navigating to the uploaded file using another endpoint that reveals the filename. |
|---|
| ソース | ⚠️ https://note.zhaoj.in/share/rCt6PpJxBvuI |
|---|
| ユーザー | glzjin (UID 59815) |
|---|
| 送信 | 2024年02月04日 08:45 (2 年 ago) |
|---|
| モデレーション | 2024年02月06日 09:29 (2 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 252998 [Juanpao JPShop 迄 1.5.02 API AppController.php app_pic_url 特権昇格] |
|---|
| ポイント | 20 |
|---|