CVE-2023-26949

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT

Description

An arbitrary file upload vulnerability in the component /admin1/config/update of onekeyadmin v1.3.9 allows attackers to execute arbitrary code via a crafted PHP file.

keheying/onekeyadmin
keheying/onekeyadmin
基于Thinkphp6+Element的插件化管理系统,网站、小程序、商城、CMS、APP、ERP、API接口一个系统全部搞定,无需脚手架开箱即用!
GitHubGitHub
55