Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file type (e.g., a TXT file), and then using the FileEditor (in v1.5.8 and prior) or the FileManager's rename function (in v1.5.7 and prior) to rename the file to an executable extension (e.g., ASP), and finally executing the file via an HTTP GET request to /<path_to_file>.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MacdonaldRobinson FlexDotnetCMS 代码问题漏洞
Vulnerability Description
MacdonaldRobinson FlexDotnetCMS是MacdonaldRobinson(Macdonaldrobinson)个人开发者的一款基于 ASP .NET 开发的内容管理系统。 FlexDotnetCMS v1.5.9版本存在代码问题漏洞,该漏洞允许经过身份验证的远程攻击者上传使用文件管理和执行任意文件上传恶意代码,攻击者可利用该漏洞将一个安全的文件类型(比如,一个TXT文件),然后使用FileEditor 或重命名的文件管理功能将文件重命名为一个可执行的扩展(例如,ASP),最后,通
CVSS Information
N/A
Vulnerability Type
N/A