| 제목 | Boyun Boyun PHPCMS <=1.4.20 arbitrary file upload |
|---|
| 설명 | BoYunCMS (versions ≤1.4.20) suffers from an arbitrary file upload vulnerability in the /application/user/controller/Index.php file. Due to insufficient validation in the file upload functionality, authenticated users can upload malicious files, such as web shells, via the /user/Index/upload endpoint. This flaw allows attackers to achieve remote code execution on the server, posing a critical security risk. |
|---|
| 원천 | ⚠️ https://note-hxlab.wetolink.com/share/KLjaD7oBzCSp |
|---|
| 사용자 | YELEIPENG (UID 73615) |
|---|
| 제출 | 2025. 06. 26. AM 10:57 (10 개월 ago) |
|---|
| 모더레이션 | 2025. 07. 05. PM 07:33 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 315014 [BoyunCMS 까지 1.4.20 Index.php image 권한 상승] |
|---|
| 포인트들 | 20 |
|---|