You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The arbitrary file deletion vulnerability #486 can delete ~/cms-108/uploads/.htaccess, and then in /admin/options add the types of files allowed to be uploaded, it will allows hacker to bypass the protection system protection
upload malicious php files and execute malicious php code,eventually leading to a command execution vulnerability
Description of Vulnerability
The arbitrary file deletion vulnerability #486 can delete ~/cms-108/uploads/.htaccess, and then in /admin/options add the types of files allowed to be uploaded, it will allows hacker to bypass the protection system protection
upload malicious php files and execute malicious php code,eventually leading to a command execution vulnerability
Proof of concept (Poc)
2 . Use the method of Multiple Arbitrary File Deletion vulnerabilities #486 to delete ~/cms-108/uploads/.htaccess
The text was updated successfully, but these errors were encountered: