{ "Name": "Shiziyu CMS wxapp.php file upload getshell", "Description": "Unauthenticated arbitrary file upload: no login is required to upload any file. The exploit returns the webshell path, which is then connected to with Behinder_v3.0; the password is rebeyond", "Product": "ShiziyuCMS", "Homepage": "https://www.tyha.cn/tag/%e7%8b%ae%e5%ad%90%e9%b1%bc%e7%a4%be%e5%8c%ba%e5%9b%a2%e8%b4%ad/", "DisclosureDate": "2021-05-28", "Author": "HuaiNian", "GobyQuery": "body=\"/seller.php?s=/Public/login\"", "Level": "3", "Impact": "

Unrestricted arbitrary file upload, which gives an attacker a webshell on the server directly.

", "Recommendation": "

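Restrict uploads to an allowlist of permitted file extensions. Because the upload needs no login, the endpoint should also require authentication, and uploaded files should be stored where they cannot be executed as scripts.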

", "References": [ "http://wiki.peiqi.tech" ], "HasExp": true, "ExpParams": null, "ExpTips": { "Type": "", "Content": "" }, "ScanSteps": null, "ExploitSteps": null, "Tags": [ "File Upload" ], "CVEIDs": null, "CVSSScore": "0.0", "AttackSurfaces": { "Application": null, "Support": null, "Service": null, "System": null, "Hardware": null } }