| Título | JPShop JPShop <=1.5.02 Arbitrary File Upload |
|---|
| Descrição | The JPShop application, specifically in versions up to and including 1.5.02, has been identified to contain an Arbitrary File Upload vulnerability within the AppController.php file located in the /api/controllers/admin/app/ directory. This vulnerability arises from the actionIndex function, which improperly handles user-supplied input in the app_pic_url parameter. Attackers can exploit this flaw by encoding malicious files in Base64 and submitting them through a POST request, which the application then decodes and saves without adequate validation. Consequently, this can lead to the execution of arbitrary code by navigating to the uploaded file using another endpoint that reveals the filename. |
|---|
| Fonte | ⚠️ https://note.zhaoj.in/share/rCt6PpJxBvuI |
|---|
| Utilizador | glzjin (UID 59815) |
|---|
| Submissão | 04/02/2024 08h45 (há 2 anos) |
|---|
| Moderação | 06/02/2024 09h29 (2 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 252998 [Juanpao JPShop até 1.5.02 API AppController.php app_pic_url Elevação de Privilégios] |
|---|
| Pontos | 20 |
|---|