iJason-Liu Books_Manager upload_bookCover.php unrestricted upload

A vulnerability was found in iJason-Liu Books_Manager up to 298ba736387ca37810466349af13a0fdf828e99c. This vulnerability affects unknown code of the file controllers/books_center/upload_bookCover.php. Performing a manipulation of the argument book_cover results in unrestricted upload. The attack may be initiated remotely. The exploit has been made public and could be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

危险类型文件的不加限制上传

Books_Manager 代码问题漏洞

Books_Manager是iJason-Liu个人开发者的一个图书管理系统。 Books_Manager存在代码问题漏洞，该漏洞源于对文件controllers/books_center/upload_bookCover.php中参数book_cover的错误操作，可能导致任意文件上传。

N/A

N/A