| 제목 | tpAdmin RCE |
|---|
| 설명 | tpadmin is a ThinkPHP5.0 official version and Hui.admin v2.5 management background, simplify the management of the background development process, simplify the preparation of code, improve code reuse rate, while integrating complete permissions management and other commonly used functions in the management background
An arbitrary file upload vulnerability exists in tpadmin, allowing an attacker to take over server privileges.
The file upload function in this controller does not set the file format filter, so that the webshell can be uploaded.
Vulnerability point:
application\admin\controller\Upload.php
upload() function
$file parameter
The program does not filter the file upload function, which leads to security risks, such as an attacker may upload a webshell.
|
|---|
| 원천 | ⚠️ https://tib36.github.io/2023/04/09/tpAdmin-RCE/ |
|---|
| 사용자 | nokali (UID 42250) |
|---|
| 제출 | 2023. 04. 09. AM 10:59 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 04. 10. PM 05:49 (1 day later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 225407 [yuan1994 tpAdmin 1.3.12 Upload.php Upload 파일 권한 상승] |
|---|
| 포인트들 | 15 |
|---|