Vulnerability file: \functions.php

You can see that the file is uploaded directly without verifying the file suffix.

Vulnerability to reproduce:

1. First log in to the backend of the website.
2. Visit the URL: http://www.xxx.com/admin/index.php?mode=content&page=media&action=edit&file=de.gif&type=1 .
   Then operate as shown below:
3. You can see that 1.php is successfully uploaded.
4. Visit http://www.xxx.com/media/images/1.php and execute the code to get phpinfo information.

Repair suggestion:

Set an upload whitelist and limit the suffixes of uploaded files to gif, jpg, and png.
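The following is an added example of the whitelist check the repair suggestion describes. It is not the project's code and does not reproduce anything from its functions.php; the function names, the `$_FILES['file']` field name and the target directory are assumptions for illustration. Besides the suffix whitelist from the report, it checks that the bytes really are an image of the claimed type and stores the file under a server-chosen name, so a client-supplied name like 1.php is never used on disk.

```php
<?php
// Added example, not the project's code. Names below are illustrative.
declare(strict_types=1);

// Whitelisted suffixes (the report asks for gif, jpg and png; jpeg is the same format as jpg).
const ALLOWED_IMAGE_EXTENSIONS = ['gif', 'jpg', 'jpeg', 'png'];

// The MIME type each whitelisted suffix is allowed to carry, detected from file content.
const ALLOWED_IMAGE_MIME = [
    'gif'  => 'image/gif',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
];

/**
 * Return the whitelisted, lower-cased suffix of $clientName, or null if the
 * name is not acceptable. Only the final suffix is consulted, because the
 * file is renamed before it is stored (see storeUploadedImage), so a name
 * such as "shell.php.gif" cannot survive onto disk with a .php segment.
 */
function allowedImageExtension(string $clientName): ?string
{
    // Refuse NUL bytes and path separators outright; a file name must be a bare name.
    if ($clientName === '' || strpbrk($clientName, "\0/\\") !== false) {
        return null;
    }
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    return in_array($ext, ALLOWED_IMAGE_EXTENSIONS, true) ? $ext : null;
}

/**
 * Validate one entry of $_FILES and move it into $targetDir under a
 * server-generated name. Returns the stored file name or throws.
 */
function storeUploadedImage(array $upload, string $targetDir): string
{
    if (($upload['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with error ' . (int) $upload['error']);
    }
    if (!is_uploaded_file($upload['tmp_name'])) {
        throw new RuntimeException('Not an uploaded file');
    }

    // 1. Suffix whitelist: this is the check the report says is missing.
    $ext = allowedImageExtension((string) $upload['name']);
    if ($ext === null) {
        throw new RuntimeException('File type not allowed');
    }

    // 2. Content check: the browser-supplied Content-Type is attacker-controlled
    //    and is ignored; the detected MIME type and image header must agree
    //    with the whitelisted suffix.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($upload['tmp_name']);
    if ($mime !== ALLOWED_IMAGE_MIME[$ext] || @getimagesize($upload['tmp_name']) === false) {
        throw new RuntimeException('Content does not match an allowed image type');
    }

    // 3. Never reuse the client's file name: pick a random name, attach only
    //    the whitelisted suffix, and refuse to overwrite an existing file.
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest   = rtrim($targetDir, '/') . '/' . $stored;
    if (file_exists($dest) || !move_uploaded_file($upload['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store file');
    }
    chmod($dest, 0644); // readable, never executable
    return $stored;
}

// Usage in the media upload handler (assumed field name "file" and the
// media/images directory from the report's URLs):
// $name = storeUploadedImage($_FILES['file'], __DIR__ . '/../media/images');
```

The whitelist is deliberately on the suffix the server will keep, not a blacklist of .php, .phtml and so on, since blacklists miss alternate handler suffixes and case variants. As a second line of defence independent of this code, the media/images directory should also be configured so the web server never executes scripts from it (for example `php_admin_flag engine off` in an Apache directory block), so that even a missed upload cannot be reached the way step 4 of the report shows.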