Headline
CVE-2023-30264: HuBenVulList/CLTPHP6.0 Unrestricted Upload of File with Dangerous Type 2.md at main · HuBenLab/HuBenVulList
CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update.
CLTPHP <= 6.0 Unrestricted Upload of File with Dangerous Type 2****Description
The system client does not handle these parameters correctly, resulting in an Unrestricted Upload of File with Dangerous Type.
Vendor Homepage
https://gitee.com/chichu/cltopen/
https://www.cltphp.com/
Author****Proof of Concept
File:application/admin/controller/Template.php
Exploiting this vulnerability requires logging into the system.
This vulnerability can only modify files that exist on the system.
Change index.php to 123
Related news
CVE-2023-30264: CVE-2023-30264
CLTPHP <=6.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via application/admin/controller/Template.php:update.