32 matches found
Server side request forgery (ssrf)
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to laun...
CVE-2023-1971 yuan1994 tpAdmin Upload.php remote server-side request forgery
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in yuan1994 tpAdmin 1.3.12. Affected is the function remote of the file application\admin\controller\Upload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to laun...
CVE-2023-1971
CVE-2023-1971 affects yuan1994 tpAdmin 1.3.12. Affected component: the remote() function in application/admin/controller/Upload.php, where manipulation of the url argument enables server-side request forgery (SSRF). Exploitation can be performed remotely, and public disclosures exist (VDB-225408)...
CVE-2023-1970 yuan1994 tpAdmin Upload.php Upload unrestricted upload
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as problematic, has been found in yuan1994 tpAdmin 1.3.12. This issue affects the function Upload of the file application\admin\controller\Upload.php. The manipulation of the argument file leads to unrestricted upload. The attack may...
CVE-2023-1970 yuan1994 tpAdmin Upload.php Upload unrestricted upload
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as problematic, has been found in yuan1994 tpAdmin 1.3.12. This issue affects the function Upload of the file application\admin\controller\Upload.php. The manipulation of the argument file leads to unrestricted upload. The attack may...
CVE-2023-1970
CVE-2023-1970 affects yuan1994 tpAdmin 1.3.12. The vulnerability exists in the Upload.php Upload function, where manipulation of the file argument enables unrestricted file uploads. The attack can be initiated remotely, and public exploits have been disclosed. Note: tpAdmin is no longer maintaine...
CVE-2023-1970 yuan1994 tpAdmin Upload.php Upload unrestricted upload
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as problematic, has been found in yuan1994 tpAdmin 1.3.12. This issue affects the function Upload of the file application\admin\controller\Upload.php. The manipulation of the argument file leads to unrestricted upload. The attack may...
tpAdmin 代码问题漏洞
tpAdmin is a management backend based on ThinkPHP5. A code issue vulnerability exists in yuan1994 tpAdmin version 1.3.12, which stems from an incorrect manipulation of the parameter url leading to server-side request forgery...
tpAdmin 代码问题漏洞
tpAdmin is a ThinkPHP5 based administration backend. A code issue vulnerability exists in yuan1994 tpAdmin version 1.3.12, which stems from an incorrect manipulation of the parameter file resulting in unrestricted uploads...
PT-2023-2509 · Ftp Admin · Ftp Admin
Name of the Vulnerable Software and Affected Versions: tpAdmin version 1.3.12 Description: The issue affects the Upload function of the file applicationadmincontrollerUpload.php. The manipulation of the file argument leads to unrestricted upload. The attack may be initiated remotely. This allows ...
PT-2023-2442 · Ftp Admin · Ftp Admin
Name of the Vulnerable Software and Affected Versions: tpAdmin version 1.3.12 Description: A critical vulnerability was found in the function remote of the file applicationadmincontrollerUpload.php. The manipulation of the argument url leads to server-side request forgery. It is possible to launc...
Command execution vulnerability in tpAdmin
tpadmin is an administration backend based on ThinkPHP 5.0 official version and Hui.admin v2.5. A command execution vulnerability exists in tpAdmin. An attacker can exploit the vulnerability to execute database commands...