Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unrestricted Upload of File with Dangerous Type vulnerability in OpenGnsys
Vulnerability Description
Unrestricted file upload vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This vulnerability allows an attacker to send a POST request to the endpoint '/opengnsys/images/M_Icons.php' modifying the file extension, due to lack of file extension verification, resulting in a webshell injection.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
危险类型文件的不加限制上传
Vulnerability Title
OpenGnsys 代码问题漏洞
Vulnerability Description
OpenGnsys是西班牙OpenGnsys项目的一个开源的计算机设备管理软件。 OpenGnsys 1.1.1d(Espeto)版本存在代码问题漏洞,该漏洞源于存在无限制文件上传漏洞,允许攻击者发送POST请求修改文件扩展名,从而导致webshell注入。
CVSS Information
N/A
Vulnerability Type
N/A