mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
843 B
843 B
CVE-2020-19672
Description
Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell.
POC
Reference
- https://github.com/bluecity/CMS/blob/master/niushop%20v1.1-upload/Niushop%20Multi-business%20V1.11-en.md
- https://github.com/bluecity/CMS/blob/master/niushop%20v1.1-upload/Niushop%20Multi-business%20V1.11-en.md
Github
No PoCs found on GitHub currently.