Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dream Report跨站脚本漏洞和远程代码执行漏洞
Vulnerability Description
Dream Report 4.0之前版本中存在跨站脚本漏洞和远程代码执行漏洞,该漏洞源于对用户提供的数据未经充分过滤。攻击者可利用这些漏洞在web服务器上下文中执行任意代码,操控受影响的应用程序;从网站的合法用户处盗取基于cookie的认证证书,也可能执行其他攻击。
CVSS Information
N/A
Vulnerability Type
N/A