Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BSCW命令执行漏洞
Vulnerability Description
BSCW (Basic Support for Cooperative Work)是一款基于WEB的应用组件程序,允许用户通过WEB接口共享工作平台,运行在Microsoft Windows NT/2000系统上,也可运行在Linux和Unix系统平台上。BSCW调用外部程序来执行从一文件格式转换为另一文件格式的功能,如把GIF转换为JPEG。 BSCW在处理用户输入的处理中存在漏洞,可以导致远程攻击者可以以httpd权限在目标系统上执行任意代码。 BSCW没有过滤请求的外部文件转换程序名所包含的元字符,
CVSS Information
N/A
Vulnerability Type
N/A