Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BigFileAgent arbitrary file execution vulnerability
Vulnerability Description
An improper input validation vulnerability leading to arbitrary file execution was discovered in BigFileAgent. In order to cause arbitrary files to be executed, the attacker makes the victim access a web page d by them or inserts a script using XSS into a general website.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
BigFile BigFileAgent 输入验证错误漏洞
Vulnerability Description
BigFileAgent是韩国BigFile公司的一个韩国著名的下载网站。用于提供电影、电视、游戏、软件等下载资源。 BigFileAgent 1.0.1.9之前版本存在输入验证错误漏洞,该漏洞源于存在导致任意文件执行的不正确输入验证漏洞。攻击者可以让受害者访问他们的网页或使用XSS将脚本插入到一般网站中,使任意文件被执行。
CVSS Information
N/A
Vulnerability Type
N/A