Core package of WBCE CMS. This package includes the core and the default addons. Visit https://wbce.org (DE) or https://wbce-cms.org (EN) to learn more or to join the WBCE CMS community.
Please note that there is a way to bypass the restriction and upload a malicious PHP file to the system.
The vulnerable code is located in /admin/media/rename2.php.
There is no filtering of, or protection against, the user-supplied "name" and "extension" inputs.
A user may upload a file called phpinfo.txt and rename it to phpinfo.php by setting "name" to "phpinfo.ph" and "extension" to "p". The following screenshot shows that the malicious user successfully uploaded a phpinfo.php file to the webapp directory.
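The root cause is that the "extension" field is checked on its own while the file actually written is "name" + "." + "extension". The following is an added example, not code from WBCE CMS or from rename2.php; it contrasts that weak check with a validation that derives the extension from the final joined filename. The deny list and the function names are assumptions for illustration.

```php
<?php
// Added example (not WBCE CMS code). Shows why validating the submitted
// "extension" field alone is insufficient for a rename operation.

// Assumed deny list of extensions the web server would execute.
const FORBIDDEN_EXTENSIONS = ['php', 'php3', 'php4', 'php5', 'php7', 'phtml', 'phar', 'htaccess'];

// Weak pattern: only the "extension" field is inspected, so a dot inside
// "name" lets the real extension slip through.
function rename_check_weak(string $name, string $extension): bool
{
    return !in_array(strtolower($extension), FORBIDDEN_EXTENSIONS, true);
}

// Hardened pattern: build the final filename first, then validate what
// would actually be written to disk.
function rename_check_hardened(string $name, string $extension): bool
{
    // Reject path separators and traversal sequences in either field.
    if (preg_match('#[/\\\\]|\.\.#', $name . $extension)) {
        return false;
    }
    $target = $name . '.' . $extension;
    // Inspect every dot-separated segment after the base name, so a
    // double extension such as "shell.php.txt" is also refused.
    $segments = array_map('strtolower', array_slice(explode('.', $target), 1));
    foreach ($segments as $segment) {
        if (in_array($segment, FORBIDDEN_EXTENSIONS, true)) {
            return false;
        }
    }
    // Finally allow only a conservative character set for the whole name.
    return (bool) preg_match('/^[A-Za-z0-9_-]+(\.[A-Za-z0-9]+)+$/', $target);
}

// The case from the report ("phpinfo.ph" + "p") plus a benign rename.
$cases = [['phpinfo.ph', 'p'], ['shell.php', 'txt'], ['report', 'txt']];
foreach ($cases as [$name, $extension]) {
    printf("%-12s + %-4s weak=%s hardened=%s\n", $name, $extension,
        rename_check_weak($name, $extension) ? 'allow' : 'reject',
        rename_check_hardened($name, $extension) ? 'allow' : 'reject');
}
```

Running it with `php` shows the weak check allowing the report's rename while the hardened check refuses it and still permits the benign one.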