漏洞描述
Edu-sharing是一个开源的电子学习集成解决方案。Edu-sharing存在任意文件上传漏洞,此漏洞是由于collections接口对用户的请求验证不当导致的。
Edu-Sharing CVE-2024-28147 任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- POC k8s-host-network-namespace-shared: Host Network Namespace Sharing
- POC k8s-host-pid-namespace-sharing: Host PID Namespace Sharing
- POC unencrypted-file-sharing-enabled: Unencrypted File Sharing Enabled
- 用友NC listUserSharingEvents 存在SQL注入漏洞
- 用友 /portal/pt/oacoSchedulerEvents/listUserSharingEvents SQL 注入漏洞
- iSharer and upRedSun File Sharing Wizard 缓冲区溢出漏洞
- Windows Internet Connection Sharing (ICS) 远程代码执行漏洞
- Windows Internet Connection Sharing (ICS) 远程代码执行漏洞
- Easy File Sharing Web Server7.2 disk_c-认证绕过
- 希捷私人云盘simple_sharing.SimpleSharing.list_users接口-泄漏敏感信息