提交 #603640: SourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Upload信息

标题SourceCodester Simple Company Website with an Admin Panel V1.0 Arbitrary File Upload
描述During the security assessment of the 'Simple Company Website with an Admin Panel' application, a critical arbitrary file upload vulnerability was discovered in the /classes/Content.php file. Due to the lack of input validation, unauthenticated users can send specially crafted HTTP requests to upload malicious scripts. These scripts are then accessible and executable via a web browser, enabling the attacker to fully compromise the server environment.
来源⚠️ https://github.com/ez-lbz/poc/issues/26
用户 meraklbz (UID 87053)
提交2025-06-25 07時19分 (1 年前)
管理2025-06-28 13時01分 (3 days later)
状态已接受
VulDB条目314342 [SourceCodester Simple Company Website 1.0 Content.php?f=service img 权限提升]
积分20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!