제출 #469686: donglight bookstore 1.0 Remote Command Execution정보

제목donglight bookstore 1.0 Remote Command Execution
설명The uploadPicture method in src/main/java/org/zdd/bookstore/web/controller/admin/AdminBookController. java does not restrict the uploaded files, resulting in remote command execution
원천⚠️ https://github.com/donglight/bookstore/issues/10
사용자
 LVZC1 (UID 76422)
제출2024. 12. 27. PM 03:02 (1 년도 ago)
모더레이션2025. 01. 08. PM 05:49 (12 days later)
상태수락
VulDB 항목290815 [donglight bookstore电商书城系统说明 1.0 AdminBookController. java uploadPicture pictureFile 권한 상승]
포인트들15

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!