Submeter #604455: Boyun Boyun PHPCMS <=1.4.20 arbitrary file uploadinformação

TítuloBoyun Boyun PHPCMS <=1.4.20 arbitrary file upload
DescriçãoBoYunCMS (versions ≤1.4.20) suffers from an arbitrary file upload vulnerability in the /application/user/controller/Index.php file. Due to insufficient validation in the file upload functionality, authenticated users can upload malicious files, such as web shells, via the /user/Index/upload endpoint. This flaw allows attackers to achieve remote code execution on the server, posing a critical security risk.
Fonte⚠️ https://note-hxlab.wetolink.com/share/KLjaD7oBzCSp
Utilizador
 YELEIPENG (UID 73615)
Submissão26/06/2025 10h57 (há 10 meses)
Moderação05/07/2025 19h33 (9 days later)
EstadoAceite
Entrada VulDB315014 [BoyunCMS até 1.4.20 Index.php image Elevação de Privilégios]
Pontos20

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!