Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995 allows remote attackers to execute arbitrary code via a URL in the fileName parameter during an importFile action.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Thomson Reuters Velocity Analytics 远程代码注入漏洞
Vulnerability Description
Thomson Reuters Velocity Analytics是美国汤森路透(Thomson Reuters)公司的一套标准化数据分析和票务数据管理平台。该平台集成了一个数据存储库,可对元数据、第三方数据源、专有数据提供数据管理功能。 Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995及之前的版本中存在代码注入漏洞,该漏洞源于VhttpdMgr脚本没有正确过滤‘fileName’参数。远程攻击者可通过上传P
CVSS Information
N/A
Vulnerability Type
N/A