Unauthenticated arbitrary file upload on the https://█████/ (█████████)

Disclosed: 2024-08-16 16:04:07 By sp1d3rs To deptofdefense
High
Vulnerability Details
## Description

I was able to identify an unsafe upload endpoint at https://█████/upload.php

## POC

1) Go to https://█████████/upload.php
2) Upload some test file. You will see a success message: ████
3) Visit `https://███/delete.me` and you will see your uploaded file there

I uploaded an example test file containing the string `test file` █████████

## Impact

Arbitrary file upload may lead to stored XSS, hosting of attacker-controlled content, and code execution.
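As an added example (not the report's or the affected site's code), a minimal hardened upload handler in PHP showing the checks whose absence this report describes: the request must carry an authenticated session, the file type is restricted by an extension allowlist cross-checked against the sniffed MIME type, the stored name is chosen by the server, and files land outside the web root so they are never executed or served as HTML. The session keys, `UPLOAD_DIR` path and allowlist are assumptions.

```php
<?php
// Added example: hardened replacement for an endpoint like upload.php.
// Assumed: session-based auth sets $_SESSION['user_id']; UPLOAD_DIR is outside the document root.
declare(strict_types=1);
session_start();

const UPLOAD_DIR = '/var/app/uploads';   // assumed path, not web-accessible
const MAX_BYTES  = 2 * 1024 * 1024;
const ALLOWED    = ['png' => 'image/png', 'jpg' => 'image/jpeg', 'pdf' => 'application/pdf'];

function fail(int $code, string $msg): void { http_response_code($code); exit($msg); }

// 1. Reject unauthenticated requests; the reported endpoint performed no such check.
if (empty($_SESSION['user_id'])) {
    fail(401, 'authentication required');
}
// 2. CSRF token so a logged-in user cannot be made to upload on someone else's behalf.
if (!isset($_POST['csrf'], $_SESSION['csrf']) || !hash_equals($_SESSION['csrf'], $_POST['csrf'])) {
    fail(403, 'bad csrf token');
}
$f = $_FILES['file'] ?? null;
if ($f === null || $f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
    fail(400, 'no file uploaded');
}
if ($f['size'] > MAX_BYTES) {
    fail(413, 'file too large');
}
// 3. Extension allowlist from the client-supplied name, then verified against sniffed content.
$ext = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
if (!isset(ALLOWED[$ext])) {
    fail(415, 'file type not allowed');
}
$sniffed = (new finfo(FILEINFO_MIME_TYPE))->file($f['tmp_name']);
if ($sniffed !== ALLOWED[$ext]) {
    fail(415, 'content does not match extension');
}
// 4. Server-chosen random name: the client never controls the stored path or extension.
$stored = bin2hex(random_bytes(16)) . '.' . $ext;
if (!move_uploaded_file($f['tmp_name'], UPLOAD_DIR . '/' . $stored)) {
    fail(500, 'could not store file');
}
// 5. Files are later served through a download script that sets
//    Content-Disposition: attachment and X-Content-Type-Options: nosniff,
//    never directly from a web-accessible directory.
header('Content-Type: application/json');
echo json_encode(['id' => $stored]);
```

Detection-wise, the same handler logs every rejection with the session user and reason, so a burst of 401/415 responses against the upload endpoint stands out in access logs.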
Report Stats
  • Report ID: 698789
  • State: Closed
  • Substate: resolved
  • Upvotes: 17