module
qdPM 9.1 Authenticated Arbitrary PHP File Upload (RCE)
| Disclosed |
|---|
| Nov 21, 2020 |
Disclosed
Nov 21, 2020
Description
A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier.
An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal
vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection.
NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.
An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal
vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection.
NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.