Submeter #753240: https://github.com/huanzi-qch/base-admin base-admin v1.0 Upload any fileinformação

Títulohttps://github.com/huanzi-qch/base-admin base-admin v1.0 Upload any file
DescriçãoThe base-admin system contains an arbitrary file upload vulnerability. The base-admin management system contains an arbitrary file upload vulnerability. Attackers can upload any file type. Although the target environment does not support JSP parsing, it can still upload HTML files, potentially leading to a stored XSS attack.
Fonte⚠️ https://github.com/huanzi-qch/base-admin/issues/38
Utilizador
 Jszdk (UID 95030)
Submissão06/02/2026 07h13 (há 3 meses)
Moderação18/02/2026 09h57 (12 days later)
EstadoAceite
Entrada VulDB346462 [huanzi-qch base-admin até 57a8126bb3353a004f3c7722089e3b926ea83596 JSP Parser SysFileController.java upload Ficheiro Elevação de Privilégios]
Pontos18

VoltarVisão GeralPróximo