3DPrint Lite 漏洞列表
共找到 3 个与 3DPrint Lite 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2021-4436: 3DPrint Lite < 1.9.1.5 - Arbitrary File Upload POC
The plugin does not have any authorisation and does not check the uploaded file in its p3dlite_handle_upload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as Apache. -
CVE-2021-4436: 3DPrint Lite < 1.9.1.5 - Arbitrary File Upload POC
The plugin does not have any authorisation and does not check the uploaded file in its p3dlite_handle_upload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as Apache. -
3dprint-arbitrary-file-upload: WordPress 3DPrint Lite <1.9.1.5 - Arbitrary File Upload POC
WordPress 3DPrint Lite plugin before 1.9.1.5 contains an arbitrary file upload vulnerability. The p3dlite_handle_upload AJAX action of the plugin does not have any authorization and does not check the uploaded file. An attacker can upload arbitrary files to the server, which in turn can be used to make the application execute file content as code, As a result, an attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.