漏洞描述
Petrol Pump Management Software是一款汽油泵管理软件。Petrol Pump Mangement Software中存在任意文件上传漏洞,此漏洞是由于程序未充分验证用户更改email头像时上传的数据所导致的。
Petrol Pump Mangement Software profile.php 任意文件上传漏洞
PoC代码
暂无相关漏洞推荐
- mJobtime /Default.aspx/update_profile_Server 命令执行漏洞(CVE-2025-51683)
- Langflow /api/v1/files/profile_pictures/../langflow.db 目录遍历漏洞
- Progress Chef Automate /api/v0/compliance/profiles/search SQL 注入漏洞(CVE-2025-8868)
- Atlassian Jira Software Data Center And Server 需授权 路径遍历漏洞
- Cisco IOS XE Software 命令注入漏洞
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- (CVE-2025-20240) Cisco IOS XE Software Web UI反射型跨站脚本漏洞
- SourceCodester Pet Grooming Management Software SQL注入漏洞
- White Star Software Protop /pt3upd/ 目录遍历漏洞 (CVE-2025-44177)
- POC CVE-2018-14931: Polarisft Intellect Core Banking Software Version 9.7.1 - Open Redirect
- POC CVE-2020-26073: Cisco SD-WAN vManage Software - Local File Inclusion
- POC CVE-2020-3187: Cisco Adaptive Security Appliance Software/Cisco Firepower Threat Defense - Directory Traversal