| 标题 | CodeAstro Online Railway Reservation System 1.0 Unrestricted Upload of File with Dangerous Type |
|---|
| 描述 | A critical remote code execution (RCE) vulnerability has been identified in the Online Railway Reservation System developed by CodeAstro. The vulnerability is found in the /admin/emp-profile-avatar.php component, which is responsible for handling profile avatar uploads in the application's admin panel.
The issue arises from improper validation of uploaded files. Attackers can exploit this flaw by uploading a malicious file, such as a web shell, through the vulnerable endpoint. Once uploaded, the attacker can access the web shell and execute arbitrary commands on the server with the privileges of the web server process. |
|---|
| 来源 | ⚠️ https://github.com/CYB84/CVE_Writeup/blob/main/Online%20Railway%20Reservation%20System/RCE%20via%20File%20Upload.md |
|---|
| 用户 | Raj Nandi (UID 73232) |
|---|
| 提交 | 2024-08-15 08時31分 (2 年前) |
|---|
| 管理 | 2024-08-17 19時16分 (2 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 275036 [CodeAstro Online Railway Reservation System 1.0 Profile Photo Update emp-profile-avatar.php 权限提升] |
|---|
| 积分 | 20 |
|---|