mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-11 12:37:41 +02:00
marc
838 B
838 B
CVE-2021-39433
Description
A local file inclusion (LFI) vulnerability exists in version BIQS IT Biqs-drive v1.83 and below when sending a specific payload as the file parameter to download/index.php. This allows the attacker to read arbitrary files from the server with the permissions of the configured web-user.
POC
Reference
No PoCs from references.