Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-52677 PoC — HkCms 安全漏洞

Source
https://github.com/J-0k3r/CVE-2024-52677
Associated Vulnerability
Title:HkCms 安全漏洞 (CVE-2024-52677)
Description:HkCms是HkCms开源的一款免费开源内容管理系统。 HkCms v2.3.2.240702版本存在安全漏洞,该漏洞源于在/app/common/library/Upload.php中的getFileName方法中存在文件上传漏洞。
Readme
[CVE-ID]
CVE-2024-52677
[Product]
HkCms - <= v2.3.2.240702
[Vendor of Product]
https://www.hkcms.cn/
[Attack Type]
Remote]
[VulnerabilityType]
file upload
[description]
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileNamemethod in /app/common/library/Upload.php
File Snapshot

 [4.0K]  /data/pocs/be968769c9ccb4f3fe7aa3aed8932a3883003c72
├── [ 282]  README.md
└── [5.6M]  upload.pdf

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.