漏洞描述
杭州九麒科技 BigAnt-Admin 是一款企业级管理系统,提供多种功能支持。该系统的 /Addin/Upload/uploadMultipleFile.html 接口存在文件上传漏洞,攻击者可以通过上传特制的 PHP 文件,执行恶意代码,实现服务器的远程控制,可能导致敏感信息泄露、数据篡改等危害。
杭州九麒科技 BigAnt-Admin /Addin/Upload/uploadMultipleFile.html 文件上传漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2023-27624: WordPress Redirect After Login <= 0.1.9 - Admin Stored XSS
- POC CVE-2025-52970: Fortinet FortiWeb - Authentication Bypass to Admin Privilege
- POC keycloak-admin-console-config: Keycloak Admin Console Configuration Disclosure
- POC phpmyadmin-fpd: phpMyAdmin Full Path Disclosure
- POC wp-admin-menu-editor-fpd: Admin Menu Editor - Full Path Disclosure
- POC wp-woocommerce-admin-fpd: WordPress Plugin WooCommerce Admin (woocommerce-admin) Full Path Disclosure
- PgAdmin PgAdmin4 需授权 代码注入漏洞
- POC cluster-trino-admin-login: Cluster Overview Trino - Admin Login
- Windows 11 RAiLaunchAdminProcess 管理员保护特权提升漏洞
- hue-default-credential: Cloudera Hue Default Admin Login
- POC CVE-2005-3344: Horde Groupware Unauthenticated Admin Access
- POC CVE-2007-5728: phpPgAdmin <=4.1.1 - Cross-Site Scripting
- POC CVE-2008-5587: phpPgAdmin <=4.2.1 - Local File Inclusion