漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during upgrade; in certain cases, an error during modification of the file from the web interface leaves the file writable (can be triggered with XSS); a race condition can be triggered by the hub-connector module (community version only from 2.4.1 to 2.6.0); or editing the file in a CLI.
漏洞信息
N/A
漏洞
N/A
漏洞
Combodo iTop 输入验证错误漏洞
漏洞信息
Combodo iTop 2.2.0版本至2.6.0版本中存在安全漏洞。攻击者可借助恶意制作的payload利用该漏洞执行任意代码。
漏洞信息
N/A
漏洞
N/A