/api/v1/company/upload-logo in... CVE-2023-46865

- AV AC AU C I A
发布: 2023-10-30
修订: 2023-11-29

/api/v1/company/upload-logo in CompanyController.php in crater through 6.0.6 allows a superadmin to execute arbitrary PHP code by placing this code into an image/png IDAT chunk of a Company Logo image.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息