Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Malicious File Upload in ArslanSoft's Education Portal
Vulnerability Description
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection.This issue affects Education Portal: before v1.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
ArslanSoft Education Portal 代码问题漏洞
Vulnerability Description
ArslanSoft Education Portal是ArslanSoft公司的一个教育门户网站。 ArslanSoft Education Portal v1.1之前版本存在代码问题漏洞,该漏洞源于存在文件上传漏洞。攻击者可利用该漏洞通过上传危险文件进行命令注入。
CVSS Information
N/A
Vulnerability Type
N/A