提出 #602325: code-projects Car Rental System V1.0 Unrestricted Upload情報

タイトルcode-projects Car Rental System V1.0 Unrestricted Upload
説明A critical file upload vulnerability exists in the /admin/add_cars.php file of Car Rental System V1.0, allowing attackers to upload malicious PHP scripts (such as AntSword webshells) by bypassing file type and content validation. Once uploaded, attackers can use the AntSword client to establish a connection via formatted POST requests, enabling full control over the target system, including executing system commands, browsing the file system, and stealing sensitive data.
ソース⚠️ https://github.com/zzb1388/cve/issues/12
ユーザー
 zzb1 (UID 85707)
送信2025年06月22日 11:59 (1 年 ago)
モデレーション2025年06月25日 16:49 (3 days later)
ステータス承諾済み
VulDBエントリ313880 [code-projects Car Rental System 1.0 /admin/add_cars.php image 特権昇格]
ポイント20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!