제출 #87696: An arbitrary file upload vulnerability in the /ecshop/admin/template.php component of EcShop v4.1.5 allows attackers to get webshell or execute arbitrary code via a crafted ".phP" file.정보

제목An arbitrary file upload vulnerability in the /ecshop/admin/template.php component of EcShop v4.1.5 allows attackers to get webshell or execute arbitrary code via a crafted ".phP" file.
설명Vulnerability type:upload webshell product: Ecshop(An open source product sales website used by many Chinese online shopping websites ) Version:V4.1.5 Firmware download address: https://www.ecshop.com/download or my clone source https://github.com/jingping911/exshopbug Affected component:/ecshop/admin/template.php Attack type:Remote Attack vector detail: https://github.com/jingping911/exshopbug/blob/main/README.md Impact: Code Execution Description:An arbitrary file upload vulnerability in the /ecshop/admin/template.php component of EcShop v4.1.5 allows attackers to get webshell or execute arbitrary code via a crafted ".phP" file.
원천⚠️ https://github.com/jingping911/exshopbug/blob/main/README.md
사용자
 wjp911 (UID 40747)
제출2023. 02. 11. AM 11:44 (3 연령 ago)
모더레이션2023. 02. 11. PM 06:04 (6 hours later)
상태수락
VulDB 항목220641 [EcShop 4.1.5 PHP File template.php 권한 상승]
포인트들20

이전개요다음

Do you want to use VulDB in your project?

Use the official API to access entries easily!