Soosyze 2.0.0 Unrestricted File Upload via Broken Upload Logic

Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server.

N/A

危险类型文件的不加限制上传

soosyze 代码问题漏洞

soosyze是Soosyze开源的一个内容管理系统。 soosyze 2.0.0版本存在代码问题漏洞，该漏洞源于文件上传机制存在漏洞，可能导致上传任意HTML文件并执行恶意PHP脚本。

N/A

N/A