| Title | LoveCards LoveCardsV2 2.3.2 External Control of System or Configuration Setting |
|---|
| Description | LoveCardsV2 is a confession wall program built with PHP8, using ThinkPHP as its foundation framework. In the latest version of LoveCardsV2(2.3.2), there is an unauthorized access vulnerability where attackers can modify configurations through unauthorized access, implement file uploads, and ultimately execute code execution. |
|---|
| Source | ⚠️ https://ctf-n0el4kls.notion.site/LoveCardsV2-Unauthentication-to-RCE-Vulnerability-19841990f44780de8263c1f77a007a83?pvs=4 |
|---|
| User | n0el4kls (UID 80089) |
|---|
| Submission | 03/02/2025 13:09 (1 Year ago) |
|---|
| Moderation | 03/11/2025 16:11 (9 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 299290 [LoveCards LoveCardsV2 up to 2.3.2 Setting /api/system/other access control] |
|---|
| Points | 15 |
|---|