제출 #419222: 零起飞 07FlyCms 1.3.8 FileUpload정보

제목零起飞 07FlyCms 1.3.8 FileUpload
설명In the background of 07flycms, you can customize the upload module plug-in. There are file restrictions in the front-end js, but the uploaded files and file contents are not filtered on the server. As a result, attackers can directly upload webshell files after disabling the front-end js in the browser.
원천⚠️ https://github.com/DeepMountains/zzz/blob/main/CVE6-1.md
사용자
 chenzijie0619 (UID 74657)
제출2024. 10. 07. AM 03:29 (2 연령 ago)
모더레이션2024. 10. 11. AM 08:35 (4 days later)
상태수락
VulDB 항목280051 [07FLYCMS/07FLY-CMS/07FlyCRM 1.3.8 Module Plug-In sysmodule_1 uploadFile 파일 권한 상승]
포인트들17

Do you know our Splunk app?

Download it now for free!