4 matches found
CVE-2022-23626
m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions imagecreatefrom and image have not been checked properly. Although PHP issued warnings and the upload function returned false, the original file that could contain a malicious payload was kept on the disk. Use...
emlog pro /content/templates/arbitrary file upload vulnerability
emlog is a lightweight blog and CMS builder based on PHP and MySQL. An arbitrary file upload vulnerability exists in emlog pro /content/templates/, which can be exploited by a remote attacker to submit a special request that can be used to upload a malicious file to execute arbitrary code in the...
Lightweight Facebook-Styled Blog Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Lightweight facebook-styled blog authenticated remote code execution", 'Description' = %q This module exploits the file upload vulnerability of...
Beside network lightweight blog system upload vulnerability-vulnerability warning-the black bar safety net
Demo Station: http://www.tuidoong.com/ First of all, we first register a user of this you know the register well after we return to the personal home page point pictures On upload directly to upload any file 后门 地址 http://www.tuidoong.com/uploads/4e472c674c0f24e9b6b2d56c6cb9e9f2.php...