漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Malicious File Upload vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform.
Vulnerability Description
Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.This issue affects Rental Module: before 23.05.15.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Ideasoft E-commerce Platform 代码问题漏洞
Vulnerability Description
Ideasoft E-commerce Platform是Ideasoft开源的一款电商平台。 Ideasoft E-commerce Platform 23.05之前版本存在代码问题漏洞,该漏洞源于Rental Module存在危险类型文件不受限上传漏洞,允许命令注入,攻击者利用该漏洞可以使用恶意文件上传Web Shell到Web服务器。
CVSS Information
N/A
Vulnerability Type
N/A