Headline
CVE-2023-1744: cve/IBOS oa v4.5.5 upload.md · xieqiang/cve - Gitee.com
A vulnerability classified as critical was found in IBOS 4.5.5. This vulnerability affects unknown code of the component htaccess Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224632.
克隆/下载
下载ZIP
登录提示
该操作需登录 Gitee 帐号,请先登录后再操作。
立即登录
没有帐号,去注册
cve
/
cve
/
IBOS oa v4.5.5 upload.md
IBOS oa v4.5.5 upload.md 522 Bytes
IBOS v4.5.5 File upload bypass
download link:https://gitee.com/ibos/IBOS
You can’t set the.php suffix here, but you can bypass it by setting the.htaccess suffix.
The.htaccess content is as follows
Then we will upload a 1.gif file containing one sentence
Finally, visit 1.gif to get getshell
误判申诉
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。