Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-26627: BUG_WEB/OpenSource/PTMS at main · qerogram/BUG_WEB

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file.

CVE
Open in Source
#vulnerability#web#git

License

Author****Version

version version

Vulnerability

RCE(Remote Code Execution) via File Upload

Chains the three vulnerabilities below and uses them.

  1. Insecure Permission Check
    It does not check user permission when using the arbitrary file writing function.
  2. Arbitrary File Write Function
    Limited arbitrary file write function exists.(Possible extension, "html".)
    Arbitrary File Write
  3. Local File Include
    the error handling page with the extension “html” is loaded through the keyword "include".
    LFI

Therefore, we can overwrite the “404.html” file, which is an error handler page, with a webshell payload, as if overwriting the SEH handler code, and then invoke the error page to trigger an RCE vulnerability.
LFI

Reference

[1] Download WebApp from Vendor

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE