CVE-2022-45039
Updated December 8, 2022

Exploit Title: WBCE CMS v1.5.4 allows getshell by modifying the upload file types

Product: WBCE CMS (https://github.com/WBCE/WBCE_CMS)

Version: v1.5.4

Description: An arbitrary file upload vulnerability in the Server Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary code via a crafted PHP file.


Steps to reproduce:

Select "Show advanced options" in Settings

Set "No upload for this filetypes" to null


Select Upload File

Upload a Trojan: <? php @eval($_POST['test']) ?>

The storage path of the uploaded file is found to be reachable for a connection

Try to connect
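
A defender-side check for the condition these steps rely on, as an added example (not code from WBCE CMS or from the original report): it reports which PHP-executable extensions the "No upload for this filetypes" value no longer blocks, and scans an upload directory for files a PHP handler could run. The function names, the extension set, and the assumption that the setting is a comma-separated list of extensions or regex patterns are hypothetical; the sample files are constructed.

```python
import os
import re
import tempfile

# Assumed set of extensions a PHP handler may execute; adjust to the server's handler config.
EXECUTABLE_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "pht"}
PHP_OPEN_TAG = re.compile(rb"<\?(php|=|\s)", re.IGNORECASE)  # does not match "<?xml"

def _covers(entry, ext):
    """True if a blocklist entry (literal or regex, an assumption) matches the extension."""
    try:
        return re.fullmatch(entry, ext) is not None
    except re.error:
        return entry == ext

def blocklist_gaps(setting_value):
    """Return executable extensions the configured blocklist does not cover (empty value: all)."""
    entries = [e.strip().lower() for e in (setting_value or "").split(",") if e.strip()]
    return sorted(x for x in EXECUTABLE_EXTS if not any(_covers(e, x) for e in entries))

def find_executable_uploads(media_dir):
    """Walk the upload directory and flag files a PHP handler could run."""
    findings = []
    for root, _dirs, files in os.walk(media_dir):
        for name in files:
            path = os.path.join(root, name)
            # Check every dot-separated part: "x.php.jpg" can execute on misconfigured servers.
            parts = {p.lower() for p in name.split(".")[1:]}
            with open(path, "rb") as fh:
                head = fh.read(4096)
            reasons = []
            if parts & EXECUTABLE_EXTS:
                reasons.append("executable extension")
            if PHP_OPEN_TAG.search(head):
                reasons.append("PHP open tag in content")
            if reasons:
                findings.append((os.path.relpath(path, media_dir), reasons))
    return sorted(findings)

def demo():
    """Constructed sample: one benign image-like file and one script in a temp directory."""
    with tempfile.TemporaryDirectory() as media:
        with open(os.path.join(media, "logo.png"), "wb") as fh:
            fh.write(b"\x89PNG\r\n\x1a\n" + b"\x00" * 16)
        with open(os.path.join(media, "test.php"), "wb") as fh:
            fh.write(b"<?php echo 'placeholder'; ?>")
        return blocklist_gaps(""), find_executable_uploads(media)

if __name__ == "__main__":
    print(demo())
```

A non-empty result from `blocklist_gaps` means the setting has been weakened; any hit from `find_executable_uploads` in the media directory warrants review of the file and of the web server's handler mapping for that path.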