Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in Collabtive 0.4.8 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension and using a text/plain MIME type, then accessing it via a direct request to the file in files/, related to (1) the showproject action in managefile.php or (2) the Messages feature.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Collabtive 任意文件上传漏洞
Vulnerability Description
Collabtive 0.4.8中存在任意文件上传漏洞。远程认证用户可以借助上传一个具有可执行扩展名的一个文件并运用text/plain MIME形式,然后向files/的文件提交一个直接请求来访问该文件,以执行任意代码。该文件与(1) managefile.php中的showproject操作 或 (2) Messages 部件有关。
CVSS Information
N/A
Vulnerability Type
N/A