Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter form_import_textarea.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
I Librarian I-librarian 安全漏洞
Vulnerability Description
I Librarian I-librarian是一款用于编辑PDF文件的应用程序。 I Librarian I-librarian 4.8及之前版本中的importmetadata.php文件的第154行存在XML外部实体注入漏洞。攻击者可利用该漏洞读取文件内容并实施服务器端请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A