Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory in Uploads/.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Livetecs Timelive 任意文件上传漏洞
Vulnerability Description
Livetecs Timelive是美国Livetecs公司的一套时间管理解决方案。该方案提供时间表、员工考勤、费用管理和电子邮件通知等功能。 Livetecs Timelive 6.2.8及之前版本的Manage Project功能中存在任意文件上传漏洞。远程攻击者可通过上传可执行的扩展文件利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A