Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Malicious File Upload vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform.
Vulnerability Description
Unrestricted Upload of File with Dangerous Type vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform allows Command Injection, Using Malicious Files, Upload a Web Shell to a Web Server.This issue affects Rental Module: before 23.05.15.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Ideasoft E-commerce Platform 代码问题漏洞
Vulnerability Description
Ideasoft E-commerce Platform是Ideasoft开源的一款电商平台。 Ideasoft E-commerce Platform 23.05之前版本存在代码问题漏洞,该漏洞源于Rental Module存在危险类型文件不受限上传漏洞,允许命令注入,攻击者利用该漏洞可以使用恶意文件上传Web Shell到Web服务器。
CVSS Information
N/A
Vulnerability Type
N/A