| 제목 | github//HFO4/ shudong-share 2.4.7 Arbitrary File Upload |
|---|
| 설명 | The reason for the vulnerability of arbitrary file upload is that the website application allows users to add any type of upload file extension in the management background, bypassing the whitelist restriction code. In addition, the fileReceiver. php code also performs a second blacklist check but can be bypassed using uppercase Php, resulting in arbitrary file upload. |
|---|
| 원천 | ⚠️ https://github.com/enjoyworld/webray.com.cn/blob/main/cves/shudong-share%20Any%20File%20Upload.md |
|---|
| 사용자 | xmg404 (UID 74197) |
|---|
| 제출 | 2024. 08. 29. AM 03:54 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 08. 30. AM 09:10 (1 day later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 276217 [HFO4 shudong-share 2.4.7 File Extension fileReceive.php 파일 권한 상승] |
|---|
| 포인트들 | 18 |
|---|