Critical Vulnerability Information

Vulnerability Description

Version: mayi v1.3.9
Vulnerability Type: Arbitrary File Upload Leading to Remote Code Execution (RCE)
Affected Interface: /tools/file/upload

Vulnerability Details

Problem Code Location: app/tools/controller/File.php
Problem Function: upload()
Issue Point: During file upload processing, the file extension is not validated, and the file is directly saved using the method.

Attack Method

Attacker Can:
- Upload malicious files.
- Execute remote code.

Test Request Packet

Malicious File Access Path

Path: /uploads/chengji/20250423/Z3R6f823d59e3a2fT25adc51fce27fcf.php

Successfully Executed Code

PHP Version: 7.3.4
System: Windows NT DESKTOP-8HWRLLAC 10.0 build 20190 (Windows 10 Home Edition) AMD64
Compiler: MSVC15 (Visual C++ 2017)

Summary

This vulnerability allows attackers to upload malicious PHP files via the arbitrary file upload feature and execute remote code on the server, thereby gaining control over the server.
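
One way to add the extension validation that the Issue Point says is missing, written as an added example in plain PHP; it is not mayi's code or a patch from the project. The function name store_upload, the allowlist contents and the destination directory are assumptions, and the content check requires PHP's fileinfo extension.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical hardened upload helper, not code from mayi.
// The allowlist maps each permitted extension to the MIME type its content must have.
const ALLOWED_UPLOADS = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'pdf'  => 'application/pdf',
];

/**
 * Validate one entry of $_FILES and move it into $destDir.
 * Returns the stored path; throws RuntimeException on any rejected upload.
 */
function store_upload(array $file, string $destDir): string
{
    // Reject failed uploads and paths that did not come from an HTTP POST upload.
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'] ?? '')) {
        throw new RuntimeException('upload failed');
    }

    // Use only the final extension of the client-supplied name, and only as an
    // allowlist key. "php", "phtml", an empty extension, etc. are all rejected here.
    $ext = strtolower(pathinfo((string) $file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_UPLOADS)) {
        throw new RuntimeException('extension not allowed');
    }

    // Check the detected content type against the one expected for that extension.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime !== ALLOWED_UPLOADS[$ext]) {
        throw new RuntimeException('content does not match extension');
    }

    // Build the stored name on the server: random base name plus the allowlisted
    // extension. Nothing else from the client-supplied name reaches the filesystem.
    $target = rtrim($destDir, '/\\') . DIRECTORY_SEPARATOR
            . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('could not store file');
    }
    return $target;
}
```

Extension checks are one layer: keeping the upload directory outside the web root, or configuring the web server not to execute scripts from it, limits the impact if a check is ever bypassed.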