This is a security advisory detailing an unauthenticated file upload vulnerability in Sisfokol 4.0, allowing remote attackers to upload malicious files (e.g., webshells) without authentication. The advisory lists affected directories and describes the impact as high, including potential system access.
Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target:Sisfokol 4.0
No auth needed
Prerequisites:Access to the target web application · Ability to send HTTP POST requests