漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Bettershop LaikeTui POST Request unrestricted upload
Vulnerability Description
A vulnerability, which was classified as critical, has been found in Bettershop LaikeTui. Affected by this issue is some unknown functionality of the file index.php?module=api&action=user&m=upload of the component POST Request Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-238160.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
LaikeTui 代码问题漏洞
Vulnerability Description
LaikeTui(来客电商)是个人开发者的稳定且小巧的开源商城系统。 Bettershop LaikeTui存在代码问题漏洞,该漏洞源于组件 POST Request Handler中的 index.php?module=api&action=user&m=upload 存在一些未知函数,导致上传不受限制。
CVSS Information
N/A
Vulnerability Type
N/A