Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the 'working' folder through the 'Upload Files / Binaries' functionality.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZOHO ManageEngine Applications Manager 代码问题漏洞
Vulnerability Description
ZOHO ManageEngine Applications Manager是美国卓豪(ZOHO)公司的一套IT运维管理解决方案。该产品具有应用性能管理、故障管理、报表生成和SLA管理等功能。 Zoho ManageEngine Applications Manager存在代码问题漏洞,该漏洞源于应用程序试图从当前工作目录加载DLL文件和脚本。远程用户可以通过upload Files Binaries功能上传恶意DLL,并在服务重启后在系统上执行。该漏洞允许远程用户升级系统上的权限。
CVSS Information
N/A
Vulnerability Type
N/A