Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL allows an unauthenticated attacker to overwrite files via vectors involving an XML comment and /.. path traversal.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SmartClient 安全漏洞
Vulnerability Description
Smartclient是Smartclient公司的一个智能解决方案,使构建基于纯 Web 标准的强大、高效的 Web 应用程序变得简单。 SmartClient 12.0版本中的/tools/developerConsoleOperations.jsp(或/isomorphic/IDACall)URL上的控制台功能的saveFile方法存在安全漏洞。攻击者可利用该漏洞覆盖文件。
CVSS Information
N/A
Vulnerability Type
N/A