Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ITPison OMICARD EDM - Arbitrary File Upload
Vulnerability Description
OMICARD EDM backend system’s file uploading function does not restrict upload of file with dangerous type. A local area network attacker with administrator privileges can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
ITPison OMICARD EDM 代码问题漏洞
Vulnerability Description
ITPison OMICARD EDM是中国ITPison公司的一个高速电子报 EDM 行销发送系統。 ITPison OMICARD EDM 存在代码问题漏洞,该漏洞源于存在不限制危险类型文件上传漏洞,具有管理员权限的局域网攻击者可利用该漏洞上传并运行任意可执行文件,执行任意系统命令或中断服务。
CVSS Information
N/A
Vulnerability Type
N/A