Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in BACKCLICK Professional 5.9.63. Due to improper validation or sanitization of upload filenames, an externally reachable, unauthenticated update function permits writing files outside the intended target location. Achieving remote code execution is possible, e.g., by uploading an executable file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BACKCLICK 路径遍历漏洞
Vulnerability Description
BACKCLICK是德国BACKCLICK公司的一种营销软件,可帮助组织创建、实施、评估和运行基于 web 的电子邮件活动。 BACKCLICK Professional 5.9.63版本存在安全漏洞,该漏洞源于上传文件名的验证或清理不当,外部可访问、未经身份验证的更新功能允许在预期目标位置之外写入文件,攻击者利用该漏洞可以上传可执行文件。
CVSS Information
N/A
Vulnerability Type
N/A