提交 #261736: Sourcecodester Clinic Queuing System 1.0 Local File Inclusion信息

标题Sourcecodester Clinic Queuing System 1.0 Local File Inclusion
描述The Sourcecodester Clinic Queuing System 1.0 is vulnerable to authenticated Local File Inclusion. In /index.php, the page GET parameter is unsafely passed into the include php function as seen below: <?php include($page.".php"); ?> This can be escalated into RCE by leveraging PHP Filter Chaining (https://github.com/synacktiv/php_filter_chain_generator). This was chained to the Auth Bypass (VulDB Sumission #261684) to make a full chain of RCE. Please refer to the proof-of-concept for demonstration.
来源⚠️ https://github.com/jmrcsnchz/ClinicQueueingSystem_RCE
用户
 Echidonut (UID 45929)
提交2024-01-03 06時46分 (3 年前)
管理2024-01-06 09時52分 (3 days later)
状态已接受
VulDB条目249821 [SourceCodester Clinic Queuing System 1.0 GET Parameter /index.php page 权限提升]
积分20

Do you want to use VulDB in your project?

Use the official API to access entries easily!