Kefaming Mayi Unrestricted File Upload Vulnerability in File.php
Vulnerability
A critical vulnerability allowing unrestricted file uploads has been identified in Kefaming Mayi versions through 1.3.9. The issue arises in the 'upload' function of 'app/tools/controller/File.php', where manipulation of the 'file' argument can be exploited to upload dangerous file types that may be processed within the application's environment. This vulnerability can be exploited remotely, and a public proof-of-concept exploit is available.
Impact
Exploitation of this vulnerability allows for unrestricted file uploads, which could lead to the execution of uploaded files or other malicious actions, depending on the file type and how it is handled by the application.
Reproduction
The vulnerability can be reproduced by sending a request to 'app/tools/controller/File.php' with a manipulated 'file' argument that bypasses any file type restrictions. Vulnerable targets can be found using Google Hacking by searching for 'inurl:app/tools/controller/File.php'.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.