Skip to content

Security Issue  #35

Open
Open
Security Issue #35
@baharuddinzulkifli

Description

@baharuddinzulkifli
baharuddinzulkifli
opened on Nov 17, 2023

To help us resolve your issue more quickly, please use the following template:

Describe the Bug

Unrestricted file upload lead to RCE

Version Info

  • KChat version: 2.0.3
  • PHP version: PHP 8.1.2
  • MySQL version: 8.0.35
  • Web server (Ex. Apache, nginx or IIS?) : Apache
  • OS name and version: Ubuntu 22.04

Reference

https://huntr.com/bounties/4412797f-313f-4f2d-82d6-807a6d55befb/

cc @GaneshKandu @wolf128058

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions