File upload command execution at Picture upload #70

Open
@TianT1209

Description

This is the basic information of the website. It is obviously the latest version of feehi cms. In the advertising management of feehi cms v2.1.1, you can upload a PHP file by changing the image suffix to PHP, resulting in command execution. It has a file upload vulnerability before V2.0.8 and can directly execute any code. The vulnerability number is CNVD-2022-13190 (CVE-2020-21322). The vulnerability is caused by /common/models/AdminUser.php: when processing an image upload, the rules are not effective, which leads to the uploader being able to control the upload file suffix.
The first time you upload the image directly, the front end reports an error and the upload fails. As you can see, the User[avatar] field is empty.
Then you need to go back to the front end and hit the delete key; at this point, select a new file to upload. After that, you can observe that AdminUser[avatar] is 0 in the data packet.
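
A server-side check for the failure the report describes (the uploader controlling the stored suffix), as an added example that is not part of the original issue and is not feehi cms code: the stored extension is derived from the detected file content, never from the client's file name. `safeImageName` and the sample inputs are assumptions constructed for illustration.

```php
<?php
// Added example, not feehi cms code. safeImageName() is a hypothetical helper.

// Accepted content types, mapped to the extension the server assigns.
const ALLOWED_IMAGE_TYPES = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

/**
 * Return a server-generated file name for an uploaded image, or throw.
 * $clientName is accepted only so it can be reported; it never reaches the
 * stored name, so the uploader cannot choose the suffix.
 */
function safeImageName(string $tmpPath, string $clientName): string
{
    // Detect the type from the file's bytes, not from the request.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime === false || !isset(ALLOWED_IMAGE_TYPES[$mime])) {
        throw new RuntimeException("rejected {$clientName}: type {$mime} not allowed");
    }
    // The bytes must also parse as an image header.
    if (@getimagesize($tmpPath) === false) {
        throw new RuntimeException("rejected {$clientName}: not a parseable image");
    }
    return bin2hex(random_bytes(16)) . '.' . ALLOWED_IMAGE_TYPES[$mime];
}

// Constructed sample inputs: a 1x1 PNG and a harmless PHP snippet.
$png = base64_decode(
    'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg=='
);
$samples = [
    'avatar.png' => $png,
    'avatar.php' => $png,                  // image bytes, script suffix
    'notes.php'  => "<?php echo 'x';\n",   // script bytes
];
foreach ($samples as $clientName => $bytes) {
    $tmp = tempnam(sys_get_temp_dir(), 'upl');
    file_put_contents($tmp, $bytes);
    try {
        echo $clientName, ' -> ', safeImageName($tmp, $clientName), PHP_EOL;
    } catch (RuntimeException $e) {
        echo $e->getMessage(), PHP_EOL;
    } finally {
        unlink($tmp);
    }
}
```

In a request handler the returned name would be the target passed to `move_uploaded_file()`, with the upload directory configured so the web server does not execute scripts from it.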