제출 #251669: 石家庄公诚勤朴科技有限公司 Dreamer CMS 4.1.3 File Upload/code execution/xss정보

제목石家庄公诚勤朴科技有限公司 Dreamer CMS 4.1.3 File Upload/code execution/xss
설명Modify filename to achieve any file upload, upload html code, execute, execute xss to obtain other users cooikes, csrf man-in the-middle attack, mount phishing websites and malicious networks
원천⚠️ https://github.com/sweatxi/BugHub/blob/main/Dreamer-CMS.pdf
사용자
 hexixi (UID 59932)
제출2023. 12. 13. AM 06:08 (2 연령 ago)
모더레이션2023. 12. 24. AM 08:57 (11 days later)
상태수락
VulDB 항목248938 [Dreamer CMS 4.1.3 /upload/uploadFile 파일 권한 상승]
포인트들16

이전개요다음

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!