漏洞标题
N/A
漏洞描述信息
在deV!L`z Clanportal(DZCP)1.3.6.1之前,上传/index.php中的未受限制文件上传漏洞允许远程攻击者将任意的.php文件上传并执行。攻击者可以将PHP代码嵌入到上传到inc/images/uploads/userpics/的JPEG或 GIF文件中。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to upload and execute arbitrary .php files by embedding PHP code in a JPEG or GIF file that is uploaded to inc/images/uploads/userpics/.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
DZCP Clanportal 'Index.PHP'任意文件上载漏洞
漏洞描述信息
deV!L`z Clanportal (DZCP)的upload/index.php存在无限制文件上载漏洞,远程攻击者可通过往上载到inc/images/uploads/userpics/的JPEG或GIF文件内嵌入PHP代码来上载和执行任意.php文件。
CVSS信息
N/A
漏洞类别
授权问题