Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. A specially crafted web request can cause unsafe deserialization potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ProcessMaker Enterprise Core 安全漏洞
Vulnerability Description
ProcessMaker Enterprise Core是美国ProcessMaker公司的一套商业流程管理(BPM)和工作流管理软件。该软件可通过一个图形化的Web界面进行拖拽操作、自定义流程的Web窗体等。 ProcessMaker Enterprise Core 3.0.1.7-community版本中存在安全漏洞,该漏洞源于程序反序列化了不可信的数据。攻击者可通过发送特制的Web请求利用该漏洞执行PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A