iJason-Liu Books_Manager Unrestricted File Upload Vulnerability in upload_bookCover.php

Vulnerability

A critical arbitrary file upload vulnerability has been identified in iJason-Liu Books_Manager in versions prior to commit 298ba736387ca37810466349af13a0fdf828e99c. The issue resides in the file upload_bookCover.php within the books_center controller. The backend does not validate the type of the uploaded file, so an attacker can upload a file of any type, which can lead to remote code execution. The vulnerability can be exploited remotely but requires an authenticated account.

Impact

Exploitation of this vulnerability allows for unrestricted file uploads, which could be used to upload malicious files such as web shells, leading to remote code execution.

Reproduction

The vulnerability can be reproduced by uploading a file through the upload_bookCover.php interface. Since the file type is not properly validated on the server side, any file can be uploaded. After uploading a PHP file, for example, it can be accessed via the web server, effectively executing the uploaded code.
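The root cause named above is a missing server-side type check on the cover upload. The following handler is an added example written for this advisory, not code from the Books_Manager project, showing what a hardened version of a book-cover upload endpoint has to do: decide on the file's actual content rather than its client-supplied name or MIME type, restrict the result to an image allowlist, store it under a server-generated name outside the web root, and serve it back with a fixed image Content-Type. The form field name `cover`, the storage directory and the request shape are assumptions; the authentication check the page mentions is assumed to have run before this code.

```php
<?php
// Added example (not Books_Manager's own code): hardened book-cover upload.
// Assumed: form field "cover", storage directory below, JSON responses.
declare(strict_types=1);

// Store uploads outside the document root so a stored file can never be
// requested (and executed) directly by the web server. Assumed path.
const COVER_DIR = '/var/app/private/covers';
const MAX_BYTES = 2 * 1024 * 1024;

// Allowlist of accepted image types: detected MIME type => extension we assign.
const ALLOWED = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

// Returns the extension to use, or throws if the upload must be rejected.
function validateCoverUpload(array $file): string
{
    if (!isset($file['error']) || is_array($file['error'])) {
        throw new RuntimeException('Malformed upload');
    }
    if ($file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed with code ' . $file['error']);
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('File too large');
    }
    // $file['name'] and $file['type'] come from the client and are never
    // used for the decision; the type is detected from the bytes on disk.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($file['tmp_name']);
    if (!isset(ALLOWED[$mime])) {
        throw new RuntimeException('Unsupported cover type: ' . $mime);
    }
    // Independent second check: the bytes must also parse as an image.
    if (getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('File is not a valid image');
    }
    return ALLOWED[$mime];
}

// Moves a validated upload into COVER_DIR and returns the stored name.
function storeCover(array $file): string
{
    $ext = validateCoverUpload($file);
    // Server-generated random name: the original filename, whatever extension
    // or path separators it carries, never reaches the filesystem.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest = COVER_DIR . '/' . $name;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('Could not store cover');
    }
    return $name; // persist this name in the book record
}

// Read-only serving path: only names our own code could have generated are
// accepted, and the response always carries an image Content-Type.
function serveCover(string $name): void
{
    if (!preg_match('/^[a-f0-9]{32}\.(jpg|png|gif)$/', $name)) {
        http_response_code(404);
        return;
    }
    $path = COVER_DIR . '/' . $name;
    if (!is_file($path)) {
        http_response_code(404);
        return;
    }
    $mime = array_search(pathinfo($name, PATHINFO_EXTENSION), ALLOWED, true);
    header('Content-Type: ' . $mime);
    header('X-Content-Type-Options: nosniff');
    header('Content-Disposition: inline; filename="' . $name . '"');
    readfile($path);
}

// Entry point (assumed request shape for an upload_bookCover.php-style script).
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['cover'])) {
    header('Content-Type: application/json');
    try {
        echo json_encode(['cover' => storeCover($_FILES['cover'])]);
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo json_encode(['error' => $e->getMessage()]);
    }
}
```

Two of these controls are each sufficient on their own to stop a stored file from running as PHP: keeping the directory outside the web root, and never letting a client-chosen extension reach disk. The content checks then keep the cover feature doing only what it was meant to do. When reviewing a fix for this class of issue, confirm that the decision is based on file contents and that the web server cannot be made to execute anything from the upload location.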

Added: Jan 26, 2026, 10:25 PM
Updated: Jan 26, 2026, 10:25 PM

Vulnerability Rating (custom algorithm)

spread: 0.0
impact: 10.0
exploitability: 6.6
remediation: 0.0
relevance: 2.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.