Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
e-Excellence U-Office Force - Arbitrary File Upload
Vulnerability Description
e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
e-Excellence U-Office Force 代码问题漏洞
Vulnerability Description
e-Excellence U-Office Force是中国一等一科技(e-Excellence)公司的一个电子办公室平台。 e-Excellence U-Office Force存在代码问题漏洞,该漏洞源于不限制危险类型文件的上传,未登录服务的未经身份验证的远程攻击者可以利用此漏洞上传任意文件并执行任意命令或中断服务。
CVSS Information
N/A
Vulnerability Type
N/A