Отправить #275593: OpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File CreationИнформация

НазваниеOpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation
ОписаниеThe OpenBI software, specifically in file /application/index/controller/Screen.php, has a Pre-Authentication Arbitrary File Creation vulnerability. This flaw allows an attacker to create a zip file with arbitrary PHP code, which can be executed when accessed. This essentially leads to Remote Code Execution (RCE). The vulnerability has been confirmed in versions up to and including 1.0.8.
Источник⚠️ https://note.zhaoj.in/share/Liu1nbjddxu4
Пользователь
 glzjin (UID 59815)
Представление31.01.2024 07:55 (2 лет назад)
Модерация31.01.2024 14:10 (6 hours later)
Статуспринято
Запись VulDB252475 [openBI до 1.0.8 Screen.php index fileurl эскалация привилегий]
Баллы19

Do you want to use VulDB in your project?

Use the official API to access entries easily!