Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-16131 PoC — 锟铻科技 OKLite 代码问题漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/OKLite%201.2.25%20%E5%90%8E%E5%8F%B0%E6%8F%92%E4%BB%B6%E5%AE%89%E8%A3%85%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0.md
Associated Vulnerability
Title:锟铻科技 OKLite 代码问题漏洞 (CVE-2019-16131)
Description:framework/admin/modulec_control.php in OKLite v1.2.25 has an Arbitrary File Upload Vulnerability because a .php file from a ZIP archive can be written to /data/cache/.
File Snapshot

 # OKLite 1.2.25 后台插件安装 任意文件上传

## 漏洞描述

OKLite v1.2.25 后台插件过滤不完善导致可以上传恶意木马文件

## 漏洞影响

```
OKLite 1.

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →