提交 #632535: YiFang CMS 2.0.5 Unrestricted Upload信息

标题YiFang CMS 2.0.5 Unrestricted Upload
描述The core code of the app/utils/base/plugin/P_file.php vulnerability is located in the mergeMultipartUpload() method in the above file. The uploaded file name is determined by the suffixes in md5value and name. Both of these are controllable, resulting in any file upload.
来源⚠️ https://github.com/August829/Yu/blob/main/20250811_3.md
用户
 Yu Bao (UID 88956)
提交2025-08-12 15時46分 (11 月前)
管理2025-08-24 16時47分 (12 days later)
状态已接受
VulDB条目321236 [YiFang CMS 直到 2.0.5 P_file.php mergeMultipartUpload 文件 权限提升]
积分18

Do you need the next level of professionalism?

Upgrade your account now!