Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in unspecified directory, a different program than CVE-2011-3833.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Support Incident Tracker ‘incident_attachments.php’无限制文件上传漏洞
Vulnerability Description
Support Incident Tracker (or SiT!)是一个基于Web技术支持电话或电子邮件的追踪应用程序。 Support Incident Tracker (也称 SiT!) 3.65版本的incident_attachments.php中存在无限制文件上传漏洞。远程认证用户可利用此漏洞借助对在未明目录中文件的直接请求,通过上传带有可执行扩展的文件然后访问该文件,执行任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A