제출 #111543: Online Computer and Laptop Store v1.0 Any file deletion exists in the system management department정보

제목Online Computer and Laptop Store v1.0 Any file deletion exists in the system management department
설명This project is entitled Online Computer and Laptop Store. This web application was developed to provide an online platform for a certain computer store or business possible customers for exploring and ordering the products.Version number: v1.0 Source code online address:https://www.sourcecodester.com/php/16397/online-computer-and-laptop-store-using-php-and-mysql-source-code-free-download.html In this system, there are system settings in the backend management module. Here, you can delete images from the system. When deleting, an absolute path is used. And the user of this path is completely controllable! When executing the deletion logic in the background, no verification was performed, and attackers can exploit this vulnerability to delete any files in the system!
원천⚠️ https://github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/Any%20file%20deletion%20exists%20in%20the%20system%20management%20department.pdf
사용자 yanfei.chen (UID 39837)
제출2023. 04. 08. AM 05:49 (3 연령 ago)
모더레이션2023. 04. 08. AM 08:30 (3 hours later)
상태수락
VulDB 항목225343 [SourceCodester Online Computer and Laptop Store 1.0 Image Master.php?f=delete_img path 디렉토리 순회]
포인트들20

Do you know our Splunk app?

Download it now for free!