onefilecms.php in OneFileCMS through 2017-10-09 might allow attackers to execute arbitrary PHP code via xxx .php filename on the New File screen - Githubissues

Self-Evident / OneFileCMS

A single file cms - all in one file!

http://onefilecms.com/

165 stars 57 forks source link

onefilecms.php in OneFileCMS through 2017-10-09 might allow attackers to execute arbitrary PHP code via xxx .php filename on the New File screen #47

Open havysec opened 6 years ago

havysec commented 6 years ago

onefilecms.php in OneFileCMS through 2017-10-09 might allow attackers to execute arbitrary PHP code via xxx .php filename on the New File screen

access http://fragrant:30001/OneFileCMS/onefilecms.php by username/password

Click New File -> 123.php -> Create

Click SAVE CHANGES -> access http://fragrant:30001/123.php