漏洞描述
American Financing eMail Image Upload 4.1版本的output.php中存在不限制文件上传漏洞。远程攻击者可以借助未明向量,上传并执行任意代码。
American Financing eMail Image Upload'output.php' 任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2019-14206: Nevma Adaptive Images - Arbitrary File Deletion
- POC CVE-2025-46349: YesWiki Reflected XSS via File Upload
- 仓储系统和物流管理系统Business_Upload.ashx存在任意文件上传漏洞
- POC CVE-2012-10018: WordPress Mapplic <= 6.1 / Mapplic Lite <= 1.0 - Authenticated Stored XSS via SVG File Upload
- POC CVE-2025-52691: SmarterMail - Unrestricted File Upload
- POC wordpress-menu-image-fpd: WordPress Menu Image - Full Path Disclosure
- POC CVE-2016-15043: WP Mobile Detector <= 3.5 - Unrestricted File Upload
- POC CVE-2018-9206: Blueimp jQuery-File-Upload v9.22.0 - Unrestricted File Upload
- POC CVE-2024-2863: LG LED Assistant - Thumbnail Path Traversal File Upload
- POC imageresizer-debug-exposure: ImageResizer Debug - Information Exposure
- POC wp-image-widget-fpd: Image Widget - Full Path Disclosure
- 东胜物流软件 /TruckMng/MsWlDriver/UploadFile 文件上传漏洞
- Code-Projects College Notes Uploading System SQL注入漏洞