Submeter #632535: YiFang CMS 2.0.5 Unrestricted Uploadinformação

TítuloYiFang CMS 2.0.5 Unrestricted Upload
DescriçãoThe core code of the app/utils/base/plugin/P_file.php vulnerability is located in the mergeMultipartUpload() method in the above file. The uploaded file name is determined by the suffixes in md5value and name. Both of these are controllable, resulting in any file upload.
Fonte⚠️ https://github.com/August829/Yu/blob/main/20250811_3.md
Utilizador
 Yu Bao (UID 88956)
Submissão12/08/2025 15h46 (há 11 meses)
Moderação24/08/2025 16h47 (12 days later)
EstadoAceite
Entrada VulDB321236 [YiFang CMS até 2.0.5 P_file.php mergeMultipartUpload Ficheiro Elevação de Privilégios]
Pontos18

Want to stay up to date on a daily basis?

Enable the mail alert feature now!