| 제목 | JPShop JPShop <=1.5.02 Arbitrary File Upload |
|---|
| 설명 | The JPShop application, specifically in versions up to and including 1.5.02, has been identified to contain an Arbitrary File Upload vulnerability within the AppController.php file located in the /api/controllers/admin/app/ directory. This vulnerability arises from the actionIndex function, which improperly handles user-supplied input in the app_pic_url parameter. Attackers can exploit this flaw by encoding malicious files in Base64 and submitting them through a POST request, which the application then decodes and saves without adequate validation. Consequently, this can lead to the execution of arbitrary code by navigating to the uploaded file using another endpoint that reveals the filename. |
|---|
| 원천 | ⚠️ https://note.zhaoj.in/share/rCt6PpJxBvuI |
|---|
| 사용자 | glzjin (UID 59815) |
|---|
| 제출 | 2024. 02. 04. AM 08:45 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 02. 06. AM 09:29 (2 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 252998 [Juanpao JPShop 까지 1.5.02 API AppController.php app_pic_url 권한 상승] |
|---|
| 포인트들 | 20 |
|---|