Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Planning Analytics file upload
Vulnerability Description
IBM Planning Analytics Local 2.0 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary code on the vulnerable system. IBM X-Force ID: 265567.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
IBM Planning Analytics 代码问题漏洞
Vulnerability Description
IBM Planning Analytics是美国国际商业机器(IBM)公司的一套业务规划分析解决方案。该方案支持自动化执行业务规划、预算和分析等流程。 IBM Planning Analytics 2.0版本存在代码问题漏洞,该漏洞源于文件扩展名验证不当,远程攻击者利用该漏洞可以通过发送特制的 HTTP 请求上传恶意脚本,从而导致在易受攻击的系统上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A