Submeter #746795: https://github.com/yuan1994/tpadmin cms v1.3 RCEinformação

Títulohttps://github.com/yuan1994/tpadmin cms v1.3 RCE
DescriçãoA critical Remote Code Execution vulnerability exists in H-ui.admin system's WebUploader preview component. The /public/static/admin/lib/webuploader/0.1.5/server/preview.php file lacks proper authentication and file validation, allowing unauthenticated attackers to upload arbitrary PHP files directly to the web server. This results in immediate Remote Code Execution with web server privileges.
Fonte⚠️ https://github.com/sTy1H/CVE-Report/blob/main/Remote%20Code%20Execution%20Vulnerability%20in%20Tpadmin%20System.md
Utilizador
 sT1TcH (UID 91291)
Submissão26/01/2026 08h55 (há 4 meses)
Moderação06/02/2026 15h37 (11 days later)
EstadoAceite
Entrada VulDB344688 [yuan1994 tpadmin até 1.3.12 WebUploader preview.php Elevação de Privilégios]
Pontos20

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!