Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A remote code execution (RCE) vulnerability via an insecure file upload exists in gugoan's Economizzer v.0.9-beta1 and commit 3730880 (April 2023). A malicious attacker can upload a PHP web shell as an attachment when adding a new cash book entry. Afterwards, the attacker may visit the web shell and execute arbitrary commands.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Economizzer 代码问题漏洞
Vulnerability Description
Economizzer是Gustavo G. Andrade个人开发者的一个使用 PHP Yii Framework 2 制作的简单且开源的个人财务管理系统。 Economizzer v.0.9-beta1版本存在代码问题漏洞,该漏洞源于存在不安全文件上传的远程代码执行(RCE)漏洞,攻击者可以访问Web shell并执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A