Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in the File Manager in the admin panel in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to a directory specified in the destination parameter, then accessing the uploaded file via a direct request, as demonstrated using workspace/masters/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
21degrees symphony 文件上传漏洞
Vulnerability Description
21Degrees Symphony是一套网站管理系统。 Symphony 1.7.01以及之前的版本中的admin panel中的文件管理器存在未限制文件上传漏洞。 远程攻击者可以通过先上传一个带有可执行文件到destination参数指定的目录中,然后再通过直接请求访问该上传文件,实现任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A