漏洞描述
American Financing eMail Image Upload 4.1版本的output.php中存在不限制文件上传漏洞。远程攻击者可以借助未明向量,上传并执行任意代码。
American Financing eMail Image Upload'output.php' 任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2017-17092: WordPress < 4.9.1 - Authenticated JavaScript File Upload
- POC CVE-2021-4449: ZoomSounds Plugin - Unauthenticated Arbitrary File Upload
- 锐明技术Crocus系统 DeviceFileUpload.do 任意文件读取漏洞
- POC CVE-2025-64095: DNN - Unrestricted Arbitrary File Upload
- POC CVE-2025-9985: Featured Image from URL (FIFU) <= 5.2.7 - Unauthenticated Information Exposure via Log File
- POC gradio-image-ssrf: Gradio Image Component - Server-Side Request Forgery
- 天地伟业Easy7 /Easy7/rest/file/uploadMapServerBgImage 文件上传漏洞
- 同享人力资源管理系统 /MobileService/Web/Handler/hdlUploadFile.ashx 文件上传漏洞
- 天地伟业Easy7综合管理平台 uploadMapServerBgImage 任意文件上传漏洞
- POC 天地伟业Easy7 uploadMapServerBgImage文件上传
- 孚盟云 AjaxWriteMail.ashx SQL注入漏洞
- 孚盟云 AjaxWriteMail.ashx 任意文件上传漏洞
- 孚盟云CRM AjaxWriteMail.ashx 存在文件上传漏洞