Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
HTTP::Body::Multipart in the HTTP-Body module for Perl (1.07 through 1.22, before 1.23) uses the part of the uploaded file's name after the first "." character as the suffix of a temporary file, which makes it easier for remote attackers to conduct attacks by leveraging subsequent behavior that may assume the suffix is well-formed.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Perl-HTTP-Body模块命令注入漏洞
Vulnerability Description
Perl是美国程序员拉里-沃尔(Larry Wall)所研发的一种免费且功能强大的跨平台编程语言。HTTP-Body是其中的一个Body解析模块。 Perl-HTTP-Body模块中的HTTP::Body::Multipart解析器1.08及之前的版本中存在命令注入漏洞。远程攻击者可利用该漏洞上传文件到服务器,执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A