Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
PeopleSoft PeopleTools SchedulerTransfer远程命令执行漏洞
Vulnerability Description
PeopleSoft企业软件集成多个商务功能,包括人事、客户关系、供求关系、财务等管理。PeopleSoft应用程序架构包括一个基于WEB服务器的报告库,"SchedulerTransfer" Java Servlet用于使用HTTP或者HTTPS传输协议把报告移到报告库中。 "SchedulerTransfer" Java Servlet没有充分检查外部提供的数据,远程攻击者利用这个漏洞以WEB服务进程权限在系统上写恶意文件或覆盖已知文件并执行。 "SchedulerTransfer" Servlet在
CVSS Information
N/A
Vulnerability Type
N/A