| 제목 | OpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation |
|---|
| 설명 | The OpenBI software, specifically in file /application/index/controller/Screen.php, has a Pre-Authentication Arbitrary File Creation vulnerability. This flaw allows an attacker to create a zip file with arbitrary PHP code, which can be executed when accessed. This essentially leads to Remote Code Execution (RCE). The vulnerability has been confirmed in versions up to and including 1.0.8. |
|---|
| 원천 | ⚠️ https://note.zhaoj.in/share/Liu1nbjddxu4 |
|---|
| 사용자 | glzjin (UID 59815) |
|---|
| 제출 | 2024. 01. 31. AM 07:55 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 01. 31. PM 02:10 (6 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 252475 [openBI 까지 1.0.8 Screen.php index fileurl 권한 상승] |
|---|
| 포인트들 | 19 |
|---|