Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Bludit - Remote Code Execution (RCE) through File API
Vulnerability Description
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files.
CVSS Information
N/A
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Bludit 安全漏洞
Vulnerability Description
Bludit是一套开源的轻量级博客内容管理系统(CMS)。 Bludit存在安全漏洞,该漏洞源于对文件上传的不当处理,攻击者可以利用该漏洞通过文件API上传任意文件,从而导致服务器上的任意代码执行。
CVSS Information
N/A
Vulnerability Type
N/A