Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Remote file upload vulnerability in ver <= 4.1.12 #249
It appears there is a remote file upload vulnerability in kindeditor<= 4.1.12 specifically in kindeditor/php/upload_json.php. The file doesn't sanitize user input or check that a user should be uploading arbitrary files to the system.
A simple curl request to kindeditor/php/upload_json.php?dir=file with the data filename=test.html set via POST request is all that's require to exploit this vulnerability:
$ curl -F "imgFilefirstname.lastname@example.org" http://example.com/kindeditor/php/upload_json.php?dir=file
似乎在kindeditor <= 4.1.12中有一個遠程文件上傳漏洞，專門在kindeditor / php / upload_json.php中。該文件不會消除用戶輸入或檢查用戶是否應該將任意文件上傳到系統。
使用數據文件名= test.html通過POST請求設置的kinderitor / php / upload_json.php？dir =文件的簡單捲曲請求是利用此漏洞所需要的：
$ curl -F“imgFileemail@example.com”http://example.com/kindeditor/php/upload_json.php?dir=file
upload_json.php includes the following warning message, I think enough. upload PHP file to self server then should be know what happend, it's basic skill for developer.