| Title | https://github.com/osuuu/LightPicture LightPicture 1.2.2 unauthorized file upload |
|---|
| Description | osuuu LightPicture 1.2.2 version has an unauthorized file upload vulnerability. This vulnerability allows anyone to upload PHP files to the server without logging in, thereby being able to execute arbitrary PHP code to obtain server permissions. |
|---|
| Source | ⚠️ https://github.com/sheratan4/cve/issues/1 |
|---|
| User | sheratan (UID 71236) |
|---|
| Submission | 02/21/2025 12:29 (1 Year ago) |
|---|
| Moderation | 03/01/2025 20:58 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 298102 [osuuu LightPicture 1.2.2 /app/controller/Api.php upload File unrestricted upload] |
|---|
| Points | 16 |
|---|