onefilecms.php in OneFileCMS can be illegally modified (Administrator Privilege)

1.Access http://127.0.0.1/OneFileCMS-master/onefilecms.php by username/password , then click 'OneFileCMS-master'.

![1](https://user-images.githubusercontent.com/24263756/51887869-22787480-23d0-11e9-883a-3deb64026812.png)

2.Then click  'onefilecms.php'.

![2](https://user-images.githubusercontent.com/24263756/51887892-2f956380-23d0-11e9-9627-ca355c0c7091.png)

3.You can see that there is no permission to edit 'onefilecms.php'. And then click 'copy'.

![3](https://user-images.githubusercontent.com/24263756/51887904-38863500-23d0-11e9-8b49-c6e4740aa3f6.png)

4.Nothing to do ,and click 'copy' again.

![4](https://user-images.githubusercontent.com/24263756/51887915-4471f700-23d0-11e9-836a-d59527c9e3f3.png)

5.And you can see ,the file is ready for editing and saving. As following picture shows.

![5](https://user-images.githubusercontent.com/24263756/51888116-fa3d4580-23d0-11e9-9179-f3f0107a26f6.png)

6.After saving ,refresh the home page,found that has been modified.

![6](https://user-images.githubusercontent.com/24263756/51887970-7420ff00-23d0-11e9-938c-dfcedb482013.png)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

onefilecms.php in OneFileCMS can be illegally modified (Administrator Privilege) #51

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

onefilecms.php in OneFileCMS can be illegally modified (Administrator Privilege) #51

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions