| 제목 | Online Computer and Laptop Store v1.0 Any file deletion exists in the system management department |
|---|
| 설명 | This project is entitled Online Computer and Laptop Store. This web application was developed to provide an online platform for a certain computer store or business possible customers for exploring and ordering the products.Version number: v1.0
Source code online address:https://www.sourcecodester.com/php/16397/online-computer-and-laptop-store-using-php-and-mysql-source-code-free-download.html
In this system, there are system settings in the backend management module. Here, you can delete images from the system. When deleting, an absolute path is used. And the user of this path is completely controllable! When executing the deletion logic in the background, no verification was performed, and attackers can exploit this vulnerability to delete any files in the system! |
|---|
| 원천 | ⚠️ https://github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/Any%20file%20deletion%20exists%20in%20the%20system%20management%20department.pdf |
|---|
| 사용자 | yanfei.chen (UID 39837) |
|---|
| 제출 | 2023. 04. 08. AM 05:49 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 04. 08. AM 08:30 (3 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 225343 [SourceCodester Online Computer and Laptop Store 1.0 Image Master.php?f=delete_img path 디렉토리 순회] |
|---|
| 포인트들 | 20 |
|---|