提出 #603640: SourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Upload情報

タイトルSourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Upload
説明During the security assessment of the 'Simple Company Website with an Admin Panel' application, a critical arbitrary file upload vulnerability was discovered in the /classes/Content.php file. Due to the lack of input validation, unauthenticated users can send specially crafted HTTP requests to upload malicious scripts. These scripts are then accessible and executable via a web browser, enabling the attacker to fully compromise the server environment.
ソース⚠️ https://github.com/ez-lbz/poc/issues/26
ユーザー meraklbz (UID 87053)
送信2025年06月25日 07:19 (1 年 ago)
モデレーション2025年06月28日 13:01 (3 days later)
ステータス承諾済み
VulDBエントリ314342 [SourceCodester Simple Company Website 1.0 Content.php?f=service img 特権昇格]
ポイント20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!