提出 #618946: code-projects Church Donation System V1.0 Unrestricted Upload情報

タイトルcode-projects Church Donation System V1.0 Unrestricted Upload
説明During the security assessment of "Church Donation System", I detected a critical unrestricted file upload vulnerability in the "/members/admin_pic.php" file. This vulnerability is attributed to the insufficient validation of uploaded files. Attackers can upload arbitrary files by bypassing file extension checks, MIME type validation, or content inspection. This enables them to execute unauthorized code on the server, posing a significant threat. Immediate corrective measures are required to safeguard system security and protect business data.
ソース⚠️ https://github.com/n0name-yang/myCVE/issues/16
ユーザー
 n0name (UID 82970)
送信2025年07月19日 13:03 (12 月 ago)
モデレーション2025年07月21日 08:30 (2 days later)
ステータス承諾済み
VulDBエントリ317060 [code-projects Church Donation System 1.0 /members/admin_pic.php image 特権昇格]
ポイント20

Do you need the next level of professionalism?

Upgrade your account now!