Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in OFCMS before 1.1.3. It allows admin/cms/template/getTemplates.html?res_path=res directory traversal, with ../ in the dir parameter, to write arbitrary content (in the file_content parameter) into an arbitrary file (specified by the file_name parameter). This is related to the save function in TemplateController.java.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
中天网络科技 OFCMS 路径遍历漏洞
Vulnerability Description
中天网络科技 OFCMS是中国中天网络科技公司的一套使用Java语言开发的内容管理系统(CMS)。 中天网络科技 OFCMS 1.1.3之前版本中存在安全漏洞。攻击者可借助‘dir’、‘file_content’和‘file_name’参数利用该漏洞向任意文件写入任意内容。
CVSS Information
N/A
Vulnerability Type
N/A