제출 #287350: Project Worlds Complaint Management System unknown Remote Code Execution (RCE) via Unrestricted File Upload정보

제목Project Worlds Complaint Management System unknown Remote Code Execution (RCE) via Unrestricted File Upload
설명### **Vendor and Product Information:** - **Vendor:** Project Worlds - **Product:** **Complaint Management System** - **Product URL:** [Complaint Management System](https://www.sourcecodester.com/php/13333/file-management-system-very-complete-using-phpmysqli.html) ### **Vulnerability Details:** - **Vulnerability Location:** File Upload Functionality - **Vulnerability Type:** Remote Code Execution (RCE) - **Affected Component:** [users/register-complaint.php] - **Severity:** Critical ### **Description:** ### Vulnerable Family: The vulnerability exists in the file upload functionality of the [Product Name]. The application fails to properly validate file uploads, allowing attackers to upload and execute arbitrary PHP files. ### Current Situation: Attackers can exploit this vulnerability by logging in to a user account (e.g., [email protected]), navigating to the "Lodge Complaint" section, and uploading a malicious PHP file. By intercepting the upload request with tools like Burp Suite, attackers can modify the content of the PHP file to contain code that executes system commands. Upon successful upload, attackers can trigger the execution of the uploaded PHP file by viewing the details of the complaint and choosing the uploaded file, leading to remote code execution on the server.
원천⚠️ https://toradah.notion.site/Remote-Code-Execution-RCE-via-Unrestricted-File-Upload-6ed7ae9c833c4d8baaae7d64ae0c4a47?pvs=4
사용자
 torada (UID 61170)
제출2024. 02. 24. AM 10:06 (2 연령 ago)
모더레이션2024. 02. 25. PM 07:26 (1 day later)
상태수락
VulDB 항목254723 [SourceCodester Complaint Management System 1.0 Lodge Complaint Section register-complaint.php 권한 상승]
포인트들17

Want to know what is going to be exploited?

We predict KEV entries!