Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
WBPublish (aka WBPublish.exe) in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to (1) directory names, (2) template names, and (3) session IDs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Fujitsu-Siemens WebTransactions命令注入漏洞
Vulnerability Description
WebTransactions是用于集成整合已有主机应用的解决方案。 WebTransactions没有充分地验证用户提供的输入,在清除临时会话数据时WBPublish.exe在某些情况下将未经验证的输入传送给了system()函数,这可能允许攻击者在受影响的系统上执行任意命令。无需认证便可以通过Web浏览器来利用这个漏洞。
CVSS Information
N/A
Vulnerability Type
N/A