Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-48031 PoC — OpenSupports 安全漏洞

Source
https://github.com/nitipoom-jar/CVE-2023-48031
Associated Vulnerability
Title:OpenSupports 安全漏洞 (CVE-2023-48031)
Description:OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute arbitrary code or establish a reverse shell, leading to unauthorized file writes or control over the victim's station via a crafted file upload operation.
File Snapshot

 [4.0K]  /data/pocs/f21c243bd2af16bbd96740e55f32ddbbb830f5f1
├── [107K]  00.png
├── [ 93K]  0.gif
├── [ 67K]  1.png
├── [ 93K]  2.png
├── [ 61K]  3.png
├── [2.3K]  44.png
├── [1.8M]  4.5.gif
├── [113K]  4.5.png
├── [1.1M]  4.gif
├── [1.8M]  4.png
├── [1.8M]  5.gif
├── [1.2M]  6.gif
├── [1.4M]  7.gif
├── [897K]  8.gif
├── [8.0K]  index.html
└── [ 11K]  styles.css

0 directories, 16 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →