[webapps] ImpressCMS v1.4.4 - Unrestricted File Upload
2022-5-11 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:6 收藏
2022-5-11 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:6 收藏
# Exploit Title: ImpressCMS v1.4.4 - Unrestricted File Upload
# Date: 7/4/2022
# Exploit Author: Ünsal Furkan Harani (Zemarkhos)
# Vendor Homepage: https://www.impresscms.org/
# Software Link: https://github.com/ImpressCMS/impresscms
# Version: v1.4.4
# Description:
Between lines 152 and 162, we see the function "extensionsToBeSanitized".Since the blacklist method is weak, it is familiar that the file can be uploaded in the extensions mentioned below.
.php2, .php6, .php7, .phps, .pht, .pgif, .shtml, .htaccess, .phar, .inc
Impresscms/core/File/MediaUploader.php Between lines 152 and 162:
private $extensionsToBeSanitized = array('php','phtml','phtm','php3','php4','cgi','pl','asp','php5');
文章来源: https://www.exploit-db.com/exploits/50890
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh