Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Incomplete blacklist vulnerability in Rockliffe MailSite Express before 6.1.22 allows remote attackers to upload and execute arbitrary script files by giving the files specific extensions, such as (1) .unk, (2) .asa, and possibly (3) .htr and (4) .aspx, which are not filtered like the .asp extension.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Rockliffe MailSite Express不完全的黑名单漏洞
Vulnerability Description
MailSite Express是一款免费的邮件服务程序。 Rockliffe MailSite Express 6.1.22以前的版本允许远程攻击者通过给文件以指定的扩展名如 (1) .unk, (2) .asa, and possibly (3) .htr and (4) .aspx,来上传并执行任意的脚本文件,这是由于没有像.asp一样的过滤造成的。
CVSS Information
N/A
Vulnerability Type
N/A