Headline

CVE-2023-3240: HuBenVulList/OTCMS was discovered to contain an arbitrary file download vulenrability via the filename.md at main · HuBenLab/HuBenVulList

A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNews_deal.php. The manipulation of the argument file leads to path traversal: '…/filedir’. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231511.

1 year ago

CVE

Open in Source

#vulnerability #php #auth

Permalink

Cannot retrieve contributors at this time

OTCMS was discovered to contain an arbitrary file download vulenrability via the filename****Description

OTCMS was discovered to contain an arbitrary file download vulenrability via the filename

Vendor Homepage****Author****Proof of Concept

Post an article after logging in as a member user.

Add additional parameters to the packet capture

payload

file=../../../../../../../../../../../../../etc/passwd&isRenameFile=1&fileName=1.php

Then it can be downloaded in the foreground to read the passwd file.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

12 months ago

12 months ago

12 months ago

12 months ago

12 months ago