漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
UniSharp Laravel File Manager v2.0.0-alpha7 Arbitrary File Upload
Vulnerability Description
UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload PHP files with the type parameter set to Files and execute arbitrary code by accessing the uploaded file through the working directory path.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Laravel File Manager 代码问题漏洞
Vulnerability Description
Laravel File Manager是Aleksandr Manekin个人开发者的一个Laravel文件管理器。 Laravel File Manager v2.0.0-alpha7和v2.0版本存在代码问题漏洞,该漏洞源于存在任意文件上传,可能导致经过身份验证的攻击者上传恶意文件并执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A