| 제목 | flute-cms.com Web-based CMS for server games written on PHP v0.2.2.4-alpha File Upload |
|---|
| 설명 | By registering an account and logging in, you can upload PHP files on the avatar upload page, but it requires modifying the header information of the PHP file to bypass detection.
Register a user and log in, modify the user avatar, upload a PHP file, and add the header GIF89a.
Source code:https://github.com/Flute-CMS/cms/releases
|
|---|
| 원천 | ⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE5-1.md |
|---|
| 사용자 | Dee.Mirage (UID 71702) |
|---|
| 제출 | 2024. 07. 16. AM 07:21 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 07. 20. PM 12:06 (4 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 272067 [Flute CMS 0.2.2.4-alpha Avatar Upload Page ImagesController.php 아바타 권한 상승] |
|---|
| 포인트들 | 18 |
|---|