Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ITPison OMICARD EDM 's SMS - Arbitrary File Upload
Vulnerability Description
ITPison OMICARD EDM’s file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker can exploit this vulnerability to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
ITPison OMICARD EDM 安全漏洞
Vulnerability Description
ITPison OMICARD EDM是中国ITPison公司的一个高速电子报 EDM 行销发送系統。 ITPison OMICARD EDM v6.0.1.5版本存在安全漏洞,该漏洞源于文件上传功能不限制危险类型文件的上传,远程攻击者利用该漏洞可以上传并运行任意可执行文件,以执行任意系统命令或中断服务。
CVSS Information
N/A
Vulnerability Type
N/A