Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
eprintsug ulcc-core toolbox command injection
Vulnerability Description
A vulnerability was found in eprintsug ulcc-core. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file cgi/toolbox/toolbox. The manipulation of the argument password leads to command injection. The attack can be launched remotely. The patch is named 811edaae81eb044891594f00062a828f51b22cb1. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217447.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
EPrints User Group ulcc-core 命令注入漏洞
Vulnerability Description
ulcc-core是EPrints User Group开源的一个存储库。 EPrints User Group ulcc-core存在命令注入漏洞,该漏洞源于其cgi/toolbox/toolbox文件的未知函数对参数password的操作允许攻击者实现命令注入。
CVSS Information
N/A
Vulnerability Type
N/A