제출 #274336: oretnom23 Facebook News Feed Like using PHP/MySQL with Source Code v1.0 File upload bypass정보

제목oretnom23 Facebook News Feed Like using PHP/MySQL with Source Code v1.0 File upload bypass
설명# Exploit Title: Facebook News Feed Like using PHP/MySQL with Source Code File upload bypass in create new post functionality. # Exploit Author: Lakshaya Bawa # Vendor Name: oretnom23 # Vendor Homepage: https://www.sourcecodester.com/php/14602/facebook-news-feed-using-phpmysqli-source-code.html # Software Link: https://www.sourcecodester.com/php/14602/facebook-news-feed-using-phpmysqli-source-code.html # Version: v1.0 # Tested on: Windows 11, Apache Description: A file upload bypass in create new post functionality. Steps: Step 1: Login into application. Step 2: Go to create post and upload any exe or malicious file by renaming it to .png extension. It was observed that application did not block the upload of malicious files.
사용자
 thesorcererkingainz (UID 33807)
제출2024. 01. 28. PM 03:57 (2 연령 ago)
모더레이션2024. 01. 29. PM 02:31 (23 hours later)
상태수락
VulDB 항목252300 [SourceCodester Facebook News Feed Like 1.0 Post 권한 상승]
포인트들17

Do you need the next level of professionalism?

Upgrade your account now!