
The RfExample plug-in has a remote code execution vulnerability #110

Description

@kento996

We found a remote command execution vulnerability in the RfExample plugin in the official plugin market.
In the actionCutImage() function of VideoController.php, the load() method of the Modle class reads the POST data:
[image]
Then $modle->video is parsed in getLocalFilePath(). By debugging we found that video is also CutImageForm['video'].
CutImageForm['video'] is controllable, so a malicious user can inject commands from the front end by controlling this value:
[image]
Here are the results:
[image]
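The pattern the report describes, as an added PHP illustration that is not the RfExample plugin's code (the plugin source is not shown on this page): a model whose load() copies POST fields into attributes, a path helper that hands the `video` value to the shell unescaped, and a hardened variant that allow-lists the value and escapes every shell argument. Apart from `video`, `load` and `getLocalFilePath`, every name below is an assumption, and `ffmpeg` stands in for whatever command the plugin actually runs.

```php
<?php
// Added illustration, not the plugin's code. Class and command names are assumed.

class VideoModel
{
    public $video;

    // Mass-assignment: each POST key that matches a property becomes an attribute,
    // so a request body controls $this->video directly.
    public function load(array $post): bool
    {
        foreach ($post as $key => $value) {
            if (property_exists($this, $key)) {
                $this->$key = $value;
            }
        }
        return true;
    }
}

// Vulnerable pattern: the attacker-controlled value is concatenated into the
// command string, so a value such as "x.mp4; id" makes the shell run "id".
function getLocalFilePathVulnerable(VideoModel $m): string
{
    $local = sys_get_temp_dir() . '/' . basename($m->video);
    exec('ffmpeg -i ' . $m->video . ' ' . $local . ' 2>&1', $out);
    return $local;
}

// Hardened pattern: reject anything outside a strict filename allow-list before
// it reaches the shell, and escape every argument regardless.
function getLocalFilePathSafe(VideoModel $m): string
{
    if (!is_string($m->video) ||
        !preg_match('/\A[A-Za-z0-9_\-]+\.(mp4|mov|mkv)\z/', $m->video)) {
        throw new InvalidArgumentException('rejected video name');
    }
    $local = sys_get_temp_dir() . '/' . $m->video;
    exec('ffmpeg -i ' . escapeshellarg($m->video) . ' '
         . escapeshellarg($local) . ' 2>&1', $out, $rc);
    if ($rc !== 0) {
        throw new RuntimeException('ffmpeg failed: ' . implode("\n", $out));
    }
    return $local;
}

// Constructed malicious POST body, as the report describes for CutImageForm['video'].
$m = new VideoModel();
$m->load(['video' => 'x.mp4; id']);

// The vulnerable helper is deliberately not called here; it would run "id".
try {
    getLocalFilePathSafe($m);
} catch (InvalidArgumentException $e) {
    echo 'blocked: ' . $e->getMessage() . PHP_EOL;
}
```

The allow-list is the real control: escapeshellarg() alone stops shell metacharacters, but it still lets a caller point the command at arbitrary paths, so validate the value against the shape the feature needs before escaping it.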
