Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SearchBlox 远程命令注入漏洞
Vulnerability Description
SearchBlox是美国SearchBlox公司的一套开源免费的基于Lucene(全文检索引擎工具包)构建的企业搜索和分析解决方案。该方案提供一个基于Web的管理界面,可以管理整个搜索系统。 SearchBlox 7.5及之前的版本中的admin/uploadImage.html页面中存在未限制文件上传漏洞。远程攻击者可通过上传带有image/jpeg内容类型的可执行文件(如JSP文件),然后访问此文件,利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A