| Title | tpAdmin RCE |
|---|---|
| Description | tpAdmin is a management backend built on the official ThinkPHP 5.0 release and Hui.admin v2.5. It simplifies the backend development process and the writing of code, improves the code reuse rate, and integrates complete permission management and other functions commonly used in management backends.<br>An arbitrary file upload vulnerability exists in tpAdmin, allowing an attacker to take over server privileges.<br>The file upload function in this controller does not set a file format filter, so a webshell can be uploaded.<br>Vulnerability point:<br>`application\admin\controller\Upload.php`<br>`upload()` function<br>`$file` parameter<br>The program applies no filtering in the file upload function, which leads to security risks, such as an attacker uploading a webshell. |
| Source | https://tib36.github.io/2023/04/09/tpAdmin-RCE/ |
| User | nokali (UID 42250) |
| Submission | 04/09/2023 10:59 (3 years ago) |
| Moderation | 04/10/2023 17:49 (1 day later) |
| Status | Accepted |
| VulDB entry | 225407 [yuan1994 tpAdmin 1.3.12 Upload.php Upload File unrestricted upload] |
| Points | 15 |