Gửi #300038: SOURCECODESTER File Manager App 1.0 Arbitrary File Uploadthông tin

tiêu đềSOURCECODESTER File Manager App 1.0 Arbitrary File Upload
Mô tảThe File Manager App has an Arbitrary File Upload vulnerability in `/endpoint/update-file.php`, allowing attackers to upload files of any type, including PHP scripts. This flaw can lead to executing arbitrary server-side code. The issue arises from insufficient validation of uploaded file types, enabling the upload of potentially malicious files under the guise of legitimate ones. This vulnerability highlights the critical need for strict file validation mechanisms, including checking MIME types and file extensions, to prevent unauthorized file uploads and protect the system from possible exploits.
Nguồn⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20File%20Manager%20App/Arbitrary%20File%20Upload%20-%20update-file.php.md
Người dùng
 nochizplz (UID 64302)
Đệ trình17/03/2024 12:47 (cách đây 2 những năm)
Kiểm duyệt18/03/2024 17:07 (1 day later)
Trạng tháiđược chấp nhận
Mục VulDB257182 [SourceCodester File Manager App 1.0 update-file.php Tệp tin nâng cao đặc quyền]
điểm20

Do you want to use VulDB in your project?

Use the official API to access entries easily!