You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Causes of vulnerability : upload.php does not allow direct uploading of ph* type files, and it fails when directly uploading ph* files.
However, you can bypass the detection by uploading a phar file and adding picture file header information such as jpg to the file to successfully upload the phar file.
Because the phar file can be parsed normally after php7.2, you can directly upload the php webshell with the phar suffix.
Repair suggestion: add the ph* file to the upload blacklist
Affected version: GetSimpleCMS before 3.3.16.
Vulnerable file: /admin/upload.php.
Causes of vulnerability : upload.php does not allow direct uploading of ph* type files, and it fails when directly uploading ph* files.
However, you can bypass the detection by uploading a phar file and adding picture file header information such as jpg to the file to successfully upload the phar file.
Because the phar file can be parsed normally after php7.2, you can directly upload the php webshell with the phar suffix.
Repair suggestion: add the ph* file to the upload blacklist