Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
flusity CMS upload.php handleFileUpload unrestricted upload
Vulnerability Description
A vulnerability has been found in flusity CMS and classified as critical. Affected by this vulnerability is the function handleFileUpload of the file core/tools/upload.php. The manipulation of the argument uploaded_file leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-243643.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
flusity CMS 安全漏洞
Vulnerability Description
flusity CMS是一个可以轻松更改或添加代码的用户交互界面解决方案。 Flusity CMS 存在安全漏洞,该漏洞源于 core/tools/upload.php 的 handleFileUpload函数中的参数 uploaded_file 会导致上传不受限制。
CVSS Information
N/A
Vulnerability Type
N/A