| タイトル | code-projects Mobile Shop Management System 1.0 Unrestricted Upload |
|---|
| 説明 | The file upload function for product images fails to verify file types or sizes and directly uses filenames provided by users. This creates vulnerabilities that enable malicious file uploads and path traversal attacks. Attackers could upload executable files (such as php files) and then execute malicious code by accessing the upload directory. |
|---|
| ソース | ⚠️ https://github.com/chen2496088236/CVE/issues/2 |
|---|
| ユーザー | 111ctx (UID 89466) |
|---|
| 送信 | 2025年08月26日 12:45 (10 月 ago) |
|---|
| モデレーション | 2025年09月02日 15:00 (7 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 322188 [code-projects Mobile Shop Management System 1.0 AddNewProduct.php ProductImage 特権昇格] |
|---|
| ポイント | 19 |
|---|