漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Progress Application Server (PAS) for OpenEdge File Upload via Directory Traversal
Vulnerability Description
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system running PASOE. If the upload contains a payload that can further exploit the server or its network, the launch of a larger scale attack may be possible.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
Progress Software OpenEdge 代码问题漏洞
Vulnerability Description
Progress Software OpenEdge是美国Progress Software公司的一套集成开发环境(IDE)。 Progress Software OpenEdge 11.7版本至11.7.18之前版本、12.2版本至12.2.13之前版本存在安全漏洞。攻击者利用该漏洞可以制定 WEB 传输请求,允许将意外文件上传到运行 PASOE 系统上的服务器目录路径。
CVSS Information
N/A
Vulnerability Type
N/A