Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Grand Vice info Co. webopac7 - Arbitrary File Upload
Vulnerability Description
Grand Vice info Co. webopac7 file upload function fails to filter special characters. While logging in with general user’s permission, remote attackers can upload malicious script and execute arbitrary code to control the system or interrupt services.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
欣学英资讯 webopac7 代码问题漏洞
Vulnerability Description
欣学英资讯 Webopac7是中国欣学英资讯公司的一种在线公共访问目录。用于用户通过 Internet 使用图书馆的服务。 欣学英资讯 webopac7 存在代码问题漏洞,该漏洞源于文件上传功能无法过滤特殊字符。 远程攻击者在以普通用户权限登录的情况下,可以上传恶意脚本并执行任意代码来控制系统或中断服务。
CVSS Information
N/A
Vulnerability Type
N/A