제출 #746795: https://github.com/yuan1994/tpadmin cms v1.3 RCE정보

제목https://github.com/yuan1994/tpadmin cms v1.3 RCE
설명A critical Remote Code Execution vulnerability exists in H-ui.admin system's WebUploader preview component. The /public/static/admin/lib/webuploader/0.1.5/server/preview.php file lacks proper authentication and file validation, allowing unauthenticated attackers to upload arbitrary PHP files directly to the web server. This results in immediate Remote Code Execution with web server privileges.
원천⚠️ https://github.com/sTy1H/CVE-Report/blob/main/Remote%20Code%20Execution%20Vulnerability%20in%20Tpadmin%20System.md
사용자
 sT1TcH (UID 91291)
제출2026. 01. 26. AM 08:55 (4 개월 ago)
모더레이션2026. 02. 06. PM 03:37 (11 days later)
상태수락
VulDB 항목344688 [yuan1994 tpadmin 까지 1.3.12 WebUploader preview.php 권한 상승]
포인트들20

이전개요다음

Do you want to use VulDB in your project?

Use the official API to access entries easily!