Submit #521169: Vulnerabilities in the dating platform. windows 4.0 File upload vulnerabilityinfo

TitleVulnerabilities in the dating platform. windows 4.0 File upload vulnerability
DescriptionCode auditing reveals that the following code receives the data parameter through the input function. The type of the data parameter is an array, and then it calls the base64image function for processing. $res = base64Image($v,"uploads/".date("Y-m-d")."/"); if (preg_match('/^(data:\s*image\/(\w+);base64,)/',$imgBase64,$res)) if (file_put_contents($new_file,base64_decode(str_replace($res[1],'', $imgBase64)))) After encoding the verification code with Base64, upload it. https://www.jianshu.com/p/f8ca5e3cd889
Source⚠️ https://www.jianshu.com/p/f8ca5e3cd889
User
 leizi (UID 82832)
Submission03/16/2025 07:46 (1 Year ago)
Moderation03/22/2025 14:45 (6 days later)
StatusAccepted
VulDB entry300688 [Yue Lao Blind Box 月老盲盒 up to 4.0 Upload.php base64image data unrestricted upload]
Points20

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!