admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create PandoraFMS_upload_head_image.php_Arbitrary_File_Upload_Vulnerability.md

Browse Source 
add PandoraFMS upload_head_image.php Arbitrary File Upload Vulnerability
This commit is contained in:
Goby 2023-06-21 17:39:03 +08:00 committed by GitHub
parent 2f36f65e66
commit 424fda4587
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
PandoraFMS_upload_head_image.php_Arbitrary_File_Upload_Vulnerability.md Normal file
View File

@ -0,0 +1,12 @@
## PandoraFMS upload_head_image.php Arbitrary File Upload Vulnerability
| **Vulnerability** | **PandoraFMS upload_head_image.php Arbitrary File Upload Vulnerability** |
| :----: | :-----|
| **Chinese name** | PandoraFMS 软件 upload_head_image.php 任意文件上传漏洞 |
| **CVSS core** | 9.0 |
| **FOFA Query** (click to view the results directly)| [body="pandora_console/"](https://en.fofa.info/result?qbase64=Ym9keT0icGFuZG9yYV9jb25zb2xlLyI%3D) |
| **Number of assets affected** | 768 |
| **Description** | PandoraFMS is an application software of American PandoraFMS. Provides a monitoring function.<br></p><p>There is an unauthorized file upload vulnerability in PandoraFMS upload_head_image.php. Attackers can upload malicious Trojan horses to obtain server permissions. |
| **Impact** | There is an unauthorized file upload vulnerability in PandoraFMS upload_head_image.php. Attackers can upload malicious Trojan horses to obtain server permissions. |
![](https://s3.bmp.ovh/imgs/2023/06/21/c89f35d6d3a29740.gif)