| 标题 | Codezips E-commerce Site Using PHP With Source Code V1.0 Unrestricted Upload |
|---|
| 描述 | polaris0x1 found that the file upload operation was triggered in admin/addproduct.php, and the _FAILES variable was used to receive the payload. After receiving the attack vector from a remote attacker, it will result in unrestricted uploads, and remote attacks may lead to RCE.
The input obtained from line 38 of the "/admin/addproduct.php" file is used in line 57 of the "/admin/addproduct.php" file to determine the location of the file to be written, which may allow attackers to change or damage the content of the file, or create a brand new file. |
|---|
| 来源 | ⚠️ https://github.com/polaris0x1/CVE/issues/1 |
|---|
| 用户 | polaris0x1 (UID 67906) |
|---|
| 提交 | 2024-05-14 13時39分 (2 年前) |
|---|
| 管理 | 2024-05-15 13時54分 (1 day later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 264460 [Codezips E-Commerce Site 1.0 admin/addproduct.php profilepic 权限提升] |
|---|
| 积分 | 20 |
|---|