Open havysec opened 6 years ago
onefilecms.php in OneFileCMS through 2017-10-09 might allow attackers to execute arbitrary PHP code via xxx .php filename on the New File screen
Access http://fragrant:30001/OneFileCMS/onefilecms.php with username/password
Click New File -> 123.php -> Create
Click SAVE CHANGES -> access http://fragrant:30001/123.php
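The report above comes down to the New File screen accepting a name that the web server will hand to the PHP interpreter. One way to check a requested name before the file is created, as an added example that is not OneFileCMS code and not from the reporter; the function name `is_allowed_new_filename` and the extension allow-list are assumptions made for this sketch:

```php
<?php
// Added example, not OneFileCMS code. Function name and allow-list are assumptions.

// Extensions a content editor may create (assumed policy for this sketch).
const ALLOWED_EXTENSIONS = ['txt', 'md', 'html', 'htm', 'css', 'csv', 'json'];

/**
 * Return true only if $name is acceptable for a "New File" form.
 * Every dot-separated segment after the base name must be allow-listed,
 * so "123.php", "a.php.txt" and "a.txt.PHP" are all rejected.
 */
function is_allowed_new_filename(string $name): bool
{
    // Reject empty names, path separators, NUL bytes and control characters.
    if ($name === '' || preg_match('/[\x00-\x1f\/\\\\]/', $name)) {
        return false;
    }
    // Some filesystems strip trailing dots/spaces ("123.php." -> "123.php").
    if ($name !== rtrim($name, '. ')) {
        return false;
    }
    // Dotfiles such as .htaccess or .user.ini can change how files are served.
    if ($name[0] === '.') {
        return false;
    }
    $segments = explode('.', strtolower($name));
    array_shift($segments);           // drop the base name
    if ($segments === []) {
        return false;                 // no extension at all
    }
    foreach ($segments as $ext) {
        if (!in_array($ext, ALLOWED_EXTENSIONS, true)) {
            return false;
        }
    }
    return true;
}

// Constructed sample inputs.
$samples = ['notes.txt', '123.php', 'a.php.txt', 'a.txt.PHP', '123.php.', '.htaccess', '../x.txt'];
foreach ($samples as $n) {
    printf("%-12s %s\n", $n, is_allowed_new_filename($n) ? 'allow' : 'reject');
}
```

A name check only narrows the problem: files created through the editor should also live in a directory that the web server does not pass to the PHP interpreter.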