Gửi #275593: OpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creationthông tin

tiêu đềOpenBi OpenBi <=1.0.8 Pre-Authentication Arbitrary File Creation
Mô tảThe OpenBI software, specifically in file /application/index/controller/Screen.php, has a Pre-Authentication Arbitrary File Creation vulnerability. This flaw allows an attacker to create a zip file with arbitrary PHP code, which can be executed when accessed. This essentially leads to Remote Code Execution (RCE). The vulnerability has been confirmed in versions up to and including 1.0.8.
Nguồn⚠️ https://note.zhaoj.in/share/Liu1nbjddxu4
Người dùng
 glzjin (UID 59815)
Đệ trình31/01/2024 07:55 (cách đây 2 những năm)
Kiểm duyệt31/01/2024 14:10 (6 hours later)
Trạng tháiđược chấp nhận
Mục VulDB252475 [openBI đến 1.0.8 Screen.php index fileurl nâng cao đặc quyền]
điểm19

Do you know our Splunk app?

Download it now for free!