| Title | QYKCMS File upload vulnerability |
|---|---|
| Description | There is an arbitrary file upload vulnerability in the `downfile()` function of the QYKCMS `function.php` file, which can cause malicious files to be uploaded to the server and server permissions to be obtained.<br>qykcms_4.3.0 source code download address: http://api.qingyunke.com/qykcms/down/qykcms_4.3.0.zip<br>Vulnerable file path: `\wwwroot\admin_system\include\function.php`<br>The vulnerability exists in lines 645-657, `downfile()`, which uses `file_get_contents()` to read `$url` and then uses `file_put_contents()` to perform the write, only checking whether the file exists, without filtering the file content, file source, or file suffix. |
| Source | https://github.com/VG00000/-/blob/main/README.md |
| User | VG000 (UID 43137) |
| Submission | 03/16/2023 16:00 (3 years ago) |
| Moderation | 03/17/2023 07:27 (15 hours later) |
| Status | Accepted |
| VulDB entry | 223287 [Meizhou Qingyunke QYKCMS 4.3.0 Update /admin_system/api.php downurl unrestricted upload] |
| Points | 20 |
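As an added illustration, not code from QYKCMS or from the submitter's report: the fetch-and-write pattern the description names (remote URL read with `file_get_contents()`, written with `file_put_contents()`, guarded only by an existence check), beside a hardened equivalent that restricts the source scheme and host, the file suffix, the size, and the sniffed content type, and writes under a server-chosen name. The function names, the allowlists, and the download directory are assumptions made for the example.

```php
<?php
// Added example (not QYKCMS code). Shows the pattern described in the
// report and a hardened routine that checks source, suffix and content.

// --- Pattern as described in the report (do not use) ---
function downfile_unsafe(string $url, string $dest): bool
{
    if (file_exists($dest)) {
        return false;                        // the only check performed
    }
    $data = file_get_contents($url);         // any scheme, any content
    return file_put_contents($dest, $data) !== false;  // any suffix, any path
}

// --- Hardened equivalent (assumed design, not the vendor's fix) ---
const DOWNLOAD_DIR = '/var/www/uploads/downloads';   // assumed; keep outside the webroot
const ALLOWED_EXT  = ['jpg', 'jpeg', 'png', 'gif', 'zip'];
const ALLOWED_MIME = ['image/jpeg', 'image/png', 'image/gif', 'application/zip'];
const MAX_BYTES    = 5 * 1024 * 1024;

function downfile_safe(string $url, string $name): string
{
    // 1. Source: only http(s); rejects file://, php://, data: and similar wrappers.
    $parts = parse_url($url);
    if ($parts === false || !in_array($parts['scheme'] ?? '', ['http', 'https'], true)) {
        throw new InvalidArgumentException('only http/https sources are allowed');
    }
    // Refuse loopback/private/reserved targets so the fetch cannot be pointed
    // at internal services (basic IPv4 check; resolve-and-pin in production).
    $host = $parts['host'] ?? '';
    $ip   = gethostbyname($host);            // returns $host unchanged on failure
    if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
        throw new RuntimeException('unresolvable, private or reserved address refused');
    }

    // 2. Suffix: strict basename pattern (no separators, no double extension) plus allowlist.
    $base = basename($name);
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})$/', $base, $m)
        || !in_array(strtolower($m[1]), ALLOWED_EXT, true)) {
        throw new InvalidArgumentException('file name or extension not allowed');
    }
    $ext = strtolower($m[1]);

    // 3. Fetch with a timeout, no redirects, and a hard size cap.
    $ctx  = stream_context_create(['http' => ['timeout' => 10, 'follow_location' => 0]]);
    $data = file_get_contents($url, false, $ctx, 0, MAX_BYTES + 1);
    if ($data === false || strlen($data) > MAX_BYTES) {
        throw new RuntimeException('download failed or exceeds size limit');
    }

    // 4. Content: sniff the real type from the bytes; never trust URL or headers.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->buffer($data);
    if (!in_array($mime, ALLOWED_MIME, true)) {
        throw new RuntimeException("content type $mime not allowed");
    }

    // 5. Write under a random server-chosen name, atomically, with non-executable mode.
    $dest = DOWNLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    $tmp  = $dest . '.part';
    if (file_put_contents($tmp, $data, LOCK_EX) === false || !rename($tmp, $dest)) {
        @unlink($tmp);
        throw new RuntimeException('write failed');
    }
    chmod($dest, 0644);
    return $dest;
}
```

A caller such as `downfile_safe('https://example.com/photo.png', 'photo.png')` returns the path of the stored file; the same call with a `php://` or `file://` URL, a `.php` suffix, or a body that does not sniff as an allowed type throws before anything is written. The random server-side name and the out-of-webroot directory mean that even an allowlist mistake does not hand an attacker a predictable, web-served path.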