Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server.

GitHub Topics - Pentesting


GitHub public repositories matching the '#pentesting' topic.

Listed: