| Title | DESHANG DSShop <=3.1.0 Arbitrary File Deletion |
|---|---|
| Description | The DSShop System, version 3.1.0 and earlier, has an Arbitrary File Deletion vulnerability in the file application/home/controller/MemberAuth.php. The flaw allows an attacker to manipulate a user's property, specifically the member_areainfo, to delete any file on the server. By creating a new user, setting its property to the path of an arbitrary file, and using the image_upload function to create an idcard_image folder, an attacker can subsequently send a request to image_drop to delete the targeted file. This vulnerability could be exploited to delete crucial files such as the installation lock, allowing the attacker to reinstall the website and gain control over the target system. |
| Source | ⚠️ https://note.zhaoj.in/share/ZpRTCLblKd7N |
| User | glzjin (UID 59815) |
| Submission | 01/09/2024 11:37 (2 years ago) |
| Moderation | 01/11/2024 11:23 (2 days later) |
| Status | Accepted |
| VulDB entry | 250437 [DeShang DSShop up to 2.1.5 MemberAuth.php member_info path traversal] |
| Points | 20 |