Open jheysel-r7 opened 2 weeks ago
In versions prior to <= v1.11.24 a webshell can be uploaded via the bigload.php endpoint. If the GET request parameter action is set to post-unsupported file extension checks are skipped allowing for attacker controlled .php files to be uploaded
action
post-unsupported
https://github.com/H4cking4All/CVE-2023-4220/tree/main
Summary
In versions prior to <= v1.11.24 a webshell can be uploaded via the bigload.php endpoint. If the GET request parameter
actionis set topost-unsupportedfile extension checks are skipped allowing for attacker controlled .php files to be uploadedBasic example
https://github.com/H4cking4All/CVE-2023-4220/tree/main