Skip to content
Permalink
main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

BUG_Author: zhengjiasheng

Vulnerability url: /philosophy/admin/products/controller.php?action=add

post form-data parameter 'filename' exists arbitrary file upload

Steps to reproduce

1.Go to the admin Dashboard

http://localhost/philosophy/admin/login.php

System Admin Access information:

Username: janobe Password: admin

2.Click on Products and Click on + News and select Products

image

3.Upload the picture Trojan horse,and append the file suffix .php through BurpSuite

image

4.Access to upload picture Trojan links,you can execute any command.

For example,dir command.

image