115cmsArbitrary file upload vulnerability
vendor : http://www.115cms.com/
115cms V4.2 installation package :https://gitee.com/haepic/www.115cms.com
Vulnerability type: V4.2
Recurrence environment:
Windows Server 2019 phpstudy
Vulnerability description: There is an arbitrary file upload vulnerability in the 15cmsV4.05 web application. loophole http://x.x.x.x/index.php/admin/content/index HTTP/, the allowed suffix for uploading can be set at the basic configuration of the background function website settings, and then the attachment can be uploaded at the content of the content management article. Any file can be uploaded, and the website can be controlled through webshell
Loophole recurrence:
The file upload type and content are not filtered in extend/org/Upload. php

Add "php" suffix in "Basic Settings" and click Save to upload successfully

Then access the uploaded file “*.php”. Get webshell.
