| Название | JPShop JPShop <=1.5.02 Arbitrary File Upload |
|---|
| Описание | The JPShop application, specifically its version up to 1.5.02, contains an Arbitrary File Upload vulnerability within the ComboController.php file located in the /api/controllers/admin/app/ directory. This vulnerability arises due to the application's failure to properly validate user-supplied input for the pic_url parameter, which is processed by the actionIndex function. An attacker can exploit this flaw by encoding malicious content and sending a specially crafted PUT request to upload arbitrary files, including potentially executable scripts, to the server. Once uploaded, the attacker can then use another endpoint to retrieve the filename and subsequently access or execute the file on the server, leading to a potential compromise of the system. |
|---|
| Источник | ⚠️ https://note.zhaoj.in/share/H73DuWdyifaI |
|---|
| Пользователь | glzjin (UID 59815) |
|---|
| Представление | 04.02.2024 09:47 (2 лет назад) |
|---|
| Модерация | 06.02.2024 09:29 (2 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 252999 [Juanpao JPShop до 1.5.02 API ComboController.php actionIndex pic_url эскалация привилегий] |
|---|
| Баллы | 20 |
|---|