Отправить #603640: SourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File UploadИнформация

НазваниеSourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Upload
ОписаниеDuring the security assessment of the 'Simple Company Website with an Admin Panel' application, a critical arbitrary file upload vulnerability was discovered in the /classes/Content.php file. Due to the lack of input validation, unauthenticated users can send specially crafted HTTP requests to upload malicious scripts. These scripts are then accessible and executable via a web browser, enabling the attacker to fully compromise the server environment.
Источник⚠️ https://github.com/ez-lbz/poc/issues/26
Пользователь meraklbz (UID 87053)
Представление25.06.2025 07:19 (1 Год назад)
Модерация28.06.2025 13:01 (3 days later)
Статуспринято
Запись VulDB314342 [SourceCodester Simple Company Website 1.0 Content.php?f=service img эскалация привилегий]
Баллы20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!