Submeter #275593: OpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creationinformação

TítuloOpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation
DescriçãoThe OpenBI software, specifically in file /application/index/controller/Screen.php, has a Pre-Authentication Arbitrary File Creation vulnerability. This flaw allows an attacker to create a zip file with arbitrary PHP code, which can be executed when accessed. This essentially leads to Remote Code Execution (RCE). The vulnerability has been confirmed in versions up to and including 1.0.8.
Fonte⚠️ https://note.zhaoj.in/share/Liu1nbjddxu4
Utilizador
 glzjin (UID 59815)
Submissão31/01/2024 07h55 (há 2 anos)
Moderação31/01/2024 14h10 (6 hours later)
EstadoAceite
Entrada VulDB252475 [openBI até 1.0.8 Screen.php index fileurl Elevação de Privilégios]
Pontos19

Interested in the pricing of exploits?

See the underground prices here!