Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

file upload vulnerability in pagekit 1.0.18 #970

Open
Townmacro opened this issue Aug 26, 2022 · 0 comments
Open

file upload vulnerability in pagekit 1.0.18 #970

Townmacro opened this issue Aug 26, 2022 · 0 comments

Comments

@Townmacro
Copy link

Problem

A file upload vulnerability exists in the storage feature of pagekit 1.0.18, which allows an attacker to upload malicious files

Technical Details

  • Pagekit version:1.0.18
  • Webserver:Nginx2.4.18
  • Database:Mysql5.7.26
  • PHP Version:7.3.4
  • OS:Windows10

A file upload vulnerability exists in the storage feature of pagekit v1.0.18, which allows an attacker to upload malicious files

  1. do not set allow php files to be uploaded

1

  1. then select the upload point to upload the malicious php file and modify the packet via Burp Suite to change the file name

    2

  2. Upload the file successfully

    3

  3. The file can then be accessed at /storage/shell.php

    4

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant