Headline
CVE-2021-40553: vuln/README.md at main · Yang9999999/vuln
piwigo 11.5.0 is affected by a remote code execution (RCE) vulnerability in the LocalFiles Editor.
Piwigo has a background command execution vulnerability
Command injection vulnerability trigger point
Use admin to enter the background
Click settings to come to this page
Write in it
<?phpvar_dump(1);}if(1){system(‘calc’);?>
Next breakpoint single step debugging
You will find that this sentence is implemented here
code analysis
Text is passed in $content without filtering_ File and then pass in the function
The incoming code is spliced here. Caused code execution