Submission #300038: SOURCECODESTER File Manager App 1.0 Arbitrary File Upload (Info)

Title: SOURCECODESTER File Manager App 1.0 Arbitrary File Upload
Description: The File Manager App has an Arbitrary File Upload vulnerability in `/endpoint/update-file.php`, allowing attackers to upload files of any type, including PHP scripts. This flaw can lead to executing arbitrary server-side code. The issue arises from insufficient validation of uploaded file types, enabling the upload of potentially malicious files under the guise of legitimate ones. This vulnerability highlights the critical need for strict file validation mechanisms, including checking MIME types and file extensions, to prevent unauthorized file uploads and protect the system from possible exploits.
Source: ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20File%20Manager%20App/Arbitrary%20File%20Upload%20-%20update-file.php.md
User: nochizplz (UID 64302)
Submitted: 2024. 03. 17. PM 12:47 (2 years ago)
Moderation: 2024. 03. 18. PM 05:07 (1 day later)
Status: Accepted
VulDB Entry: 257182 [SourceCodester File Manager App 1.0 update-file.php file privilege escalation]
Points: 20
