Gửi #274336: oretnom23 Facebook News Feed Like using PHP/MySQL with Source Code v1.0 File upload bypassthông tin

tiêu đềoretnom23 Facebook News Feed Like using PHP/MySQL with Source Code v1.0 File upload bypass
Mô tả# Exploit Title: Facebook News Feed Like using PHP/MySQL with Source Code File upload bypass in create new post functionality. # Exploit Author: Lakshaya Bawa # Vendor Name: oretnom23 # Vendor Homepage: https://www.sourcecodester.com/php/14602/facebook-news-feed-using-phpmysqli-source-code.html # Software Link: https://www.sourcecodester.com/php/14602/facebook-news-feed-using-phpmysqli-source-code.html # Version: v1.0 # Tested on: Windows 11, Apache Description: A file upload bypass in create new post functionality. Steps: Step 1: Login into application. Step 2: Go to create post and upload any exe or malicious file by renaming it to .png extension. It was observed that application did not block the upload of malicious files.
Người dùng
 thesorcererkingainz (UID 33807)
Đệ trình28/01/2024 15:57 (cách đây 2 những năm)
Kiểm duyệt29/01/2024 14:31 (23 hours later)
Trạng tháiđược chấp nhận
Mục VulDB252300 [SourceCodester Facebook News Feed Like 1.0 Post nâng cao đặc quyền]
điểm17

Want to know what is going to be exploited?

We predict KEV entries!